Improve security with polyinstantiation
If you’re concerned about protecting world-writeable shared directories such as /tmp or /var/tmp from abuse, a Linux® Pluggable Authentication Module (PAM) can help you. The pam_namespace module creates a separate namespace for users on your system when they login. This separation is enforced by the Linux operating system so that …Read More
SELinux security
Anyone (including me) playing around with something more than default servers (cPanel, webmin/virtualmin/cloudmin, plesk, ispconfig…etc) knows that selinux = off. That’s the Law. But what about a minimum policy ? Targeted and mls can’t and shouldn’t work on environments like a web server with home users. But if you need …Read More