On Fri, 31 Jul 2009, Ned Slider wrote:
> Boris Epstein wrote:
> >
> > I found an even simplier solution - disabled SELinux. I've got a
> > firewall and that is plenty.
> >
>
> Wow, not sure I'd place all my faith in a firewall.
>
> There is an SELinux tutorial on the Wiki that explicitly covers how to
> handle Apache serving content outside of DocumentRoot:
>
> http://wiki.centos.org/HowTos/SELinux
Is this why DBD::SQLite broke under mod_perl recently in
CentOS?
I.e. Apache process is accessing an sqlite file that is
outside the docroot. This is how it should be.
Conf perms (allow/deny) only secure what files you can
access by calling them up with a uri mapping. They don't
apply to what files a script or handler can access; any of
these processes running as user apache can access any files
that user could access on the system.
Unless selinux is interfereing. Is that what's going on?
Help?
Mark
_______________________________________________
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos