1 |
I did reply to your question a few hours back :/ |
2 |
|
3 |
Jon Howard wrote: |
4 |
> Hello, |
5 |
> I have a Gentoo SE system up and running as per the handbook(X86), |
6 |
> but I cannot get apache to execute cgi's in enforcing mode(the test ones |
7 |
> that come with apache). The scripts do work in permissive. Before I |
8 |
> got started in examing the apache.te file, I was wondering if I might |
9 |
> have an apache configuration issue. I guess the first question that I |
10 |
> have is whether perl or php scripts run in enforcing mode in the |
11 |
> hardened gentoo environment "out of the box?" I installed the perl and |
12 |
> php mods for apache, and changed the startup to include the -D option |
13 |
> for these, but in studying the SE model, I was afraid that some other |
14 |
> method for executing scripts might be in play. I removed the mods from |
15 |
> the -D statup option, but I am still getting the same results. So, will |
16 |
> it or won't it is my question. |
17 |
|
18 |
won't is the short answer. the long answer has been in your inbox when you wrote to the list. |
19 |
the short conclusion is that some cgi scripts need a kitchen sink to be allowed. it's up to the user to allow it or not. |
20 |
|
21 |
> Thanks, |
22 |
> Jon Howard |
23 |
|
24 |
|
25 |
-- |
26 |
petre rodan |
27 |
<kaiowas@g.o> |
28 |
Developer, |
29 |
Hardened Gentoo Linux |