My dude, check this out (or don’t, whatever), but the NSA has a Blue Team (defense) as well as a Red Team (the one you’re irrationally angry at). The NSA Blue team is responsible for securing US computer systems. Look that up on DDG.
SELinix is a MAC layer built to supplement the DAC later (traditional UNIX permissions) intended to secure things the DAC doesn’t.
With it, Apache can’t read /etc/password or random locations like /opt/something/somewhere. Without it, we get the Equifax data breach of 2017.
Everyone saying “I can’t stand up a simple web server with SELinux running” glosses over (or ignores) the fact that if they just put their files in the default location, which has the default contexts, it works. They just get pissed that they can’t serve up /some/random/location/ without fixing the context so Apache is allowed to read the files.
It was made by the NSA so that’s already minus 5 points right there.
I’m not kidding. Look it up on DDG.
the code is right there guy
Have you read it? Do you trust it unread?
Don’t tell you you actually read through the millions of lines of driver code in the Linux kernel
Some of it. I also don’t assume that it’s secure.
My dude, check this out (or don’t, whatever), but the NSA has a Blue Team (defense) as well as a Red Team (the one you’re irrationally angry at). The NSA Blue team is responsible for securing US computer systems. Look that up on DDG.
SELinix is a MAC layer built to supplement the DAC later (traditional UNIX permissions) intended to secure things the DAC doesn’t.
With it, Apache can’t read /etc/password or random locations like /opt/something/somewhere. Without it, we get the Equifax data breach of 2017.
Everyone saying “I can’t stand up a simple web server with SELinux running” glosses over (or ignores) the fact that if they just put their files in the default location, which has the default contexts, it works. They just get pissed that they can’t serve up /some/random/location/ without fixing the context so Apache is allowed to read the files.