I'm looking for ways to improve the security of some of our servers- one in particular which runs mail as well as an AFS fileserver. I'm concerned that a hacked mail server could lead to compromise of the server key, which would then compromise the entire cluster. SELinux would be able to keep the file server key safe from other processes, but I don't know if it would play nicely with AFS. Has anyone tried running OpenAFS under SELinux, and if so, does it work well?
Thanks, Joshua _______________________________________________ OpenAFS-info mailing list [email protected] https://lists.openafs.org/mailman/listinfo/openafs-info
