?
Solved

software vendor telling me we have to disable selinux to use thier software....

Posted on 2016-07-27
3
Medium Priority
?
43 Views
Last Modified: 2016-08-22
software vendor telling me we have to disable selinux to use their software.... how dangerous is this?
0
Comment
Question by:Xetroximyn
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
3 Comments
 
LVL 23

Assisted Solution

by:savone
savone earned 1000 total points (awarded by participants)
ID: 41732393
There is no way to quantify exactly how dangerous this is without knowing a lot of other variables.  But if you feel strongly about the security of your system you should start looking into alternative software.
0
 
LVL 11

Accepted Solution

by:
Scott Silva earned 1000 total points (awarded by participants)
ID: 41733794
The problem is most likely they don't know how to write selinux rules to allow their software... It usually involves running in "permissive" mode and then looking in selinux logs for what needs to be allowed.

Many people run without selinux enabled, and your risks are usually in line with the amount of exposure you have to the outside world.

http://www.lurking-grue.org/writingselinuxpolicyHOWTO.html

http://www.billauer.co.il/selinux-policy-module-howto.html
0
 
LVL 11

Expert Comment

by:Scott Silva
ID: 41757602
I thought this was fair to split points.
0

Featured Post

Percona Live Europe 2017 | Sep 25 - 27, 2017

The Percona Live Open Source Database Conference Europe 2017 is the premier event for the diverse and active European open source database community, as well as businesses that develop and use open source database software.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

BIND is the most widely used Name Server. A Name Server is the one that translates a site name to it's IP address. There is a new bug in BIND (https://kb.isc.org/article/AA-01272), affecting all versions of BIND 9 from BIND 9.1.0 (inclusive) thro…
If you are a web developer, you would be aware of the <iframe> tag in HTML. The <iframe> stands for inline frame and is used to embed another document within the current HTML document. The embedded document could be even another website.
Learn how to navigate the file tree with the shell. Use pwd to print the current working directory: Use ls to list a directory's contents: Use cd to change to a new directory: Use wildcards instead of typing out long directory names: Use ../ to move…
Internet Business Fax to Email Made Easy - With eFax Corporate (http://www.enterprise.efax.com), you'll receive a dedicated online fax number, which is used the same way as a typical analog fax number. You'll receive secure faxes in your email, fr…
Suggested Courses
Course of the Month8 days, 20 hours left to enroll

764 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question