This has been enlightening, thanks!
On Fri, Jan 18, 2013 at 2:47 PM, P Fudd wrote:
>
> > Zachary Stern wrote:
> > Does it make sense to block outgoing connections for a web server? There
> > are some cases where our apps do connect to things like external APIs,
> and
> > they do it on the back
> Zachary Stern wrote:
> Does it make sense to block outgoing connections for a web server? There
> are some cases where our apps do connect to things like external APIs, and
> they do it on the backend, not necessarily in-browser.
Block outgoing connections to anything apart from the machines y
Does it make sense to block outgoing connections for a web server? There
are some cases where our apps do connect to things like external APIs, and
they do it on the b ackend, not necessarily in-browser.
On Fri, Jan 18, 2013 at 2:36 PM, P Fudd wrote:
> On 18 January 2013 16:31, Zachary Stern w
On 18 January 2013 16:31, Zachary Stern wrote:
> I wanted to get some opinions - do you folks think running httpd in a
> chroot jail is necessary on a server that only does httpd-serving and
> nothing else?
A chroot jail prevents a hacker from accessing anything you don't put in
the jail. If you
Maybe one day I will learn how SELinux works :)
Anyway I am running on Ubuntu, which mainly supports AppArmor (although
SELinux is available). So I'll probably look into that.
On Fri, Jan 18, 2013 at 11:34 AM, Alex Leonhardt wrote:
> is it a super secret application and if you get hacked you'll
is it a super secret application and if you get hacked you'll expose lots
of cc numbers or similar ? if not - i dont think running it in a jail is
necessary - you should however run it with selinux on ;) !
On 18 January 2013 16:31, Zachary Stern wrote:
> I wanted to get some opinions - do you f
I wanted to get some opinions - do you folks think running httpd in a
chroot jail is necessary on a server that only does httpd-serving and
nothing else?