search for: mensom

Hey guys, I've been getting some strange selinux messages after the 5.3 upgrade. It appears as though my mail system (postfix) is constantly trying to access the rpm database? Here's the audit messages (I tend to look at my selinux messages using audit2allow < /var/log/audit.log as I find it easier to read quickly): allow postfix_postdrop_t rpm_t:tcp_socket { read write }; allow

Has anyone set up any form of apache user isolation on CentOS? I have multiple virtual hosts on my machine, run by users who do not trust eachother. The problem is that any php script run by apache is able to do things like raw file io on other users' .htpasswds, php scripts, hidden directory listings, and so on. Database passwords can even be divulged in this way, since they are often stored