chroot is old man :) Use a VM On Jan 28, 2008 6:03 AM, Benjamin Franz <[EMAIL PROTECTED]> wrote:
> On Mon, 28 Jan 2008, John Summerfield wrote: > > > solarflow99 wrote: > >> I wonder if anyone has run apache like this? it seems interesting > that > >> only > >> bind runs in a root jail.. > > > > I'm not sure that there's any point except for the most paranoid, given > > well-configured enforcing selinux. > > Security problems come in many guises. One of the most insidious is a > security system that causes more problems than the things it purports to > protect against. > > When you understand why passwords made of thirty completely random > alpha/non-alpha characters are a really bad idea in general practice > despite having excellent theoretic justifications, you will also > understand why SELinux is _also_ a very bad idea in general practice, > despite having a good base in theory. > > Or to put it another way: "The more they overthink the plumbing, the > easier it is to stop up the drain." > > -- > Benjamin Franz > > _______________________________________________ > rhelv5-list mailing list > [email protected] > https://www.redhat.com/mailman/listinfo/rhelv5-list >
_______________________________________________ rhelv5-list mailing list [email protected] https://www.redhat.com/mailman/listinfo/rhelv5-list
