Choosing A Webhost:
A web hosting service is a type of Internet hosting service that allows individuals and organizations to provide their own website accessible via the World Wide Web. Web hosts are companies that provide space on a server they own for use by their clients as well as providing Internet connectivity, typically in a data center. Web hosts can also provide data center space and connectivity to the Internet for servers they do not own to be located in their data center, called colocation. more...
|
Re: [Bug 164992] New: Mod_proxy does not work with SElinux default policy: msg#00060
|
Subject: |
Re: [Bug 164992] New: Mod_proxy does not work with SElinux default policy |
Joe Orton wrote:
On Mon, Aug 08, 2005 at 04:40:42PM +0100, Joe Orton wrote:
On Fri, Aug 05, 2005 at 02:49:37PM -0400, Daniel J Walsh wrote:
Joe Orton wrote:
No, when mod_proxy is used as a generic HTTP proxy (a not entirely
uncommon configuration) it needs to be able to connect to any remote
port on any remote address.
Defaulting apache to can_network_connect_any=1 could allow a subverted
apache web server to be setup as a spammer, or a launch site for further
attacks. So I don't think this would be a good idea.
Currently the following is known to be broken in the default
configuration:
Another one, https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=165592
4) web applications which connect to remote LDAP databases, and
similarly, I guess, the Apache LDAP-based authentication module, if
configured to use remote LDAP databases.
--
fedora-selinux-list mailing list
fedora-selinux-list@xxxxxxxxxx
http://www.redhat.com/mailman/listinfo/fedora-selinux-list
Latest policy has
can_ldap(httpd_t) which should allow httpd scripts to connect to the
ldap port. Could I give a similar connect to mysql to solve your problem?
--
|
| |
