Discover Centmin Mod today
Register Now

selinux - already configured?

Discussion in 'Install & Upgrades or Pre-Install Questions' started by Oxide, Oct 11, 2015.

  1. Oxide

    Oxide Active Member

    504
    29
    28
    Mar 19, 2015
    Ratings:
    +54
    Local Time:
    8:25 AM
    Hello,

    All I know about Selinux is that it's nice for people that like security, is this already configured within Centminmod? to work with mysql, nginx and so on?


    also does anyone have any suggested suhosin config to share? to disable bad functions etc? here is my current one:
    Code:
    extension=suhosin.so
    suhosin.cookie.encrypt = 1
    suhosin.executor.disable_eval = 0
    suhosin.get.max_value_length = 2048
    suhosin.get.max_vars = 1000
    suhosin.memory_limit = 0
    suhosin.post.max_value_length = 1000000
    suhosin.post.max_vars = 4096
    suhosin.post.max_array_index_length = 256
    suhosin.post.max_totalname_length = 8192
    suhosin.request.max_value_length = 1000000
    suhosin.request.max_vars = 4096
    suhosin.request.max_varname_length =  384
    suhosin.request.max_array_index_length = 256
    suhosin.request.max_totalname_length = 8192
    suhosin.upload.disallow_binary = 0
    suhosin.upload.disallow_elf = 1
    suhosin.upload.max_uploads = 25
    suhosin.upload.remove_binary = 0
    suhosin.executor.func.blacklist="exec,passthru,system,proc_open,popen,curl_multi_exec,parse_ini_file,show_source"
    
    not sure if any of those will use a lot of resources
     
  2. eva2000

    eva2000 Administrator Staff Member

    30,194
    6,789
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +10,144
    Local Time:
    8:25 AM
    Nginx 1.13.x
    MariaDB 5.5
    Selinux is disabled for Centmin Mod to work. See my reply at what is SE-linux and why disable ? | Centmin Mod Community

    for suhosin you're on you own but Configuration | SUHOSIN and official docs at Suhosin HOWTOs | SUHOSIN and FAQ at Frequently Asked Questions | SUHOSIN are what you need to read

    particular FAQ
     
  3. Oxide

    Oxide Active Member

    504
    29
    28
    Mar 19, 2015
    Ratings:
    +54
    Local Time:
    8:25 AM
    yes i've read their documentations, just curious if any other users here use it and have some nice combinations to share for a secure forum and sites, without conflicting stuff
     
  4. eva2000

    eva2000 Administrator Staff Member

    30,194
    6,789
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +10,144
    Local Time:
    8:25 AM
    Nginx 1.13.x
    MariaDB 5.5
    Would be php web app specific so i suspect would vary from person to person :) That's what suhosin simulation mode and logging is for :D