in reply to Re^4: LWP running as cgi
in thread LWP running as cgi
SELinux is blocking httpd processes from connecting to the net (probably to stop hackers from attacking other machines from httpd)
There is another reason to keep the webserver from accessing the internet. Sometimes web applications have security holes that allow an attacker to execute a program that is available on the net, like with PHP's remote include "feature". Or the attacker's payload (like a spambot or rootkit) might be too big for a vulnerable web form.
While it should be preferable to avoid having security holes in web applications; I think it is prudent to make it hard to exploit a vulnerability to take over a system. Therefore I suggest that you think carefully before disabling these security measures.
|
---|
Replies are listed 'Best First'. | |
---|---|
Re^6: LWP running as cgi
by elwoodblues (Novice) on Sep 23, 2008 at 02:36 UTC |
In Section
Seekers of Perl Wisdom