On 08/22/2014 09:56 AM, Tyler Mace wrote: > It's working now! Here's what I had to do: > > setsebool -P httpd_unified 1 > > Is this approach overly permissive? I was surprised that it was all I > had to do. >
This is basically an "allow-all" option for httpd. It's fine if Review Board is the only thing being served by httpd on this system (such as in a dedicated VM or container). If you have other web services on this machine, it means that an exploit in one of them could potentially gain access to the others. -- Get the Review Board Power Pack at http://www.reviewboard.org/powerpack/ --- Sign up for Review Board hosting at RBCommons: https://rbcommons.com/ --- Happy user? Let us know at http://www.reviewboard.org/users/ --- You received this message because you are subscribed to the Google Groups "reviewboard" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. For more options, visit https://groups.google.com/d/optout.
