SELinux?

[smeene]

I'm a beginner on Centos6 x64 with directadmin, I've read some guides that say how either SELinux or grsecurity are important to have for security. So I tried to enable SELinux and had a lot of problems with httpd and dovecot, I tried to change the policy to no avail, searching google for help yields limited results.

So my question is, is it "common" for people to use SELinux or grsecurity with directadmin, or is it something very few people achieve? Is it really a big security hole if I don't use it?

 

[SeLLeRoNe]

Disable SeLinux and install CSF Plugin that work as firewall (using iptables) for your server

Regards

 

[smeene]

Thanks, I do have csf installed, and mod_security as well, I was more just wondering if it's easy enough to enable SELinux or grsecurity for "extra" security, or if that's something that is important and commonly done?

 

[SeLLeRoNe]

Well, actually i dont use it and i dont see the need of it cause iptables with csf work pretty well.

Maybe someone else with more experience with SeLinux should reply

Regards

 

[nobaloney]

I was more just wondering if it's easy enough to enable SELinux or grsecurity for "extra" security, or if that's something that is important and commonly done?

It's easy enough to install, easy enough to enable. The problem is your server most likely won't run well, if at all. When enabling SELinux on a server you must configure it to allow every program to run that you will ever expect to run on your server. Including any and all php programs your client might install, with their paths.

I don't know anyone who has ever successfully gotten to run it on a shared webserver.

Have fun and ask on a forum specific to SELinux issues.

Jeff