| 1 |
I did reply to your question a few hours back :/ |
| 2 |
|
| 3 |
Jon Howard wrote: |
| 4 |
> Hello, |
| 5 |
> I have a Gentoo SE system up and running as per the handbook(X86), |
| 6 |
> but I cannot get apache to execute cgi's in enforcing mode(the test ones |
| 7 |
> that come with apache). The scripts do work in permissive. Before I |
| 8 |
> got started in examing the apache.te file, I was wondering if I might |
| 9 |
> have an apache configuration issue. I guess the first question that I |
| 10 |
> have is whether perl or php scripts run in enforcing mode in the |
| 11 |
> hardened gentoo environment "out of the box?" I installed the perl and |
| 12 |
> php mods for apache, and changed the startup to include the -D option |
| 13 |
> for these, but in studying the SE model, I was afraid that some other |
| 14 |
> method for executing scripts might be in play. I removed the mods from |
| 15 |
> the -D statup option, but I am still getting the same results. So, will |
| 16 |
> it or won't it is my question. |
| 17 |
|
| 18 |
won't is the short answer. the long answer has been in your inbox when you wrote to the list. |
| 19 |
the short conclusion is that some cgi scripts need a kitchen sink to be allowed. it's up to the user to allow it or not. |
| 20 |
|
| 21 |
> Thanks, |
| 22 |
> Jon Howard |
| 23 |
|
| 24 |
|
| 25 |
-- |
| 26 |
petre rodan |
| 27 |
<kaiowas@g.o> |
| 28 |
Developer, |
| 29 |
Hardened Gentoo Linux |
Archives