Solved

software vendor telling me we have to disable selinux to use thier software....

Posted on 2016-07-27
3
28 Views
Last Modified: 2016-08-22
software vendor telling me we have to disable selinux to use their software.... how dangerous is this?
0
Comment
Question by:Xetroximyn
  • 2
3 Comments
 
LVL 23

Assisted Solution

by:savone
savone earned 250 total points (awarded by participants)
ID: 41732393
There is no way to quantify exactly how dangerous this is without knowing a lot of other variables.  But if you feel strongly about the security of your system you should start looking into alternative software.
0
 
LVL 10

Accepted Solution

by:
Scott Silva earned 250 total points (awarded by participants)
ID: 41733794
The problem is most likely they don't know how to write selinux rules to allow their software... It usually involves running in "permissive" mode and then looking in selinux logs for what needs to be allowed.

Many people run without selinux enabled, and your risks are usually in line with the amount of exposure you have to the outside world.

http://www.lurking-grue.org/writingselinuxpolicyHOWTO.html

http://www.billauer.co.il/selinux-policy-module-howto.html
0
 
LVL 10

Expert Comment

by:Scott Silva
ID: 41757602
I thought this was fair to split points.
0

Featured Post

VMware Disaster Recovery and Data Protection

In this expert guide, you’ll learn about the components of a Modern Data Center. You will use cases for the value-added capabilities of Veeam®, including combining backup and replication for VMware disaster recovery and using replication for data center migration.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
capture pcap with filtered traffic 1 67
Need To Change Centos 6 Timestamp Form In Log File 24 73
Tomcat on Windows.  URL with {curly braces} fails. 1 58
centos commands 6 54
The purpose of this article is to demonstrate how we can upgrade Python from version 2.7.6 to Python 2.7.10 on the Linux Mint operating system. I am using an Oracle Virtual Box where I have installed Linux Mint operating system version 17.2. Once yo…
BIND is the most widely used Name Server. A Name Server is the one that translates a site name to it's IP address. There is a new bug in BIND (https://kb.isc.org/article/AA-01272), affecting all versions of BIND 9 from BIND 9.1.0 (inclusive) thro…
Connecting to an Amazon Linux EC2 Instance from Windows Using PuTTY.
Internet Business Fax to Email Made Easy - With  eFax Corporate (http://www.enterprise.efax.com), you'll receive a dedicated online fax number, which is used the same way as a typical analog fax number. You'll receive secure faxes in your email, f…

832 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question