Is this SELinux permission OK?
by n00b_noob from LinuxQuestions.org on (#58BDX)
Hello,
I'm using CentOS 8 as a web server that hosting a WordPress website. I defined SELinux for WordPress directory as below:
Code:# ls -lZ /var/www/
drwxrwxr-x. 7 apache apache unconfined_u:object_r:httpd_sys_rw_content_t:s0 4096 Sep 19 23:37 wpI created an account for a remote developer that working on WordPress. On some websites, I saw that the OK permission for
wp directory is "httpd_sys_r_content_t" and not "httpd_sys_rw_content_t" and someone recommended to back permission via below command:
Code:# restorecon -rv /var/www/wpIs it true? Is "httpd_sys_rw_content_t" a dangerous permission and can lead to hacking?
Thank you.
I'm using CentOS 8 as a web server that hosting a WordPress website. I defined SELinux for WordPress directory as below:
Code:# ls -lZ /var/www/
drwxrwxr-x. 7 apache apache unconfined_u:object_r:httpd_sys_rw_content_t:s0 4096 Sep 19 23:37 wpI created an account for a remote developer that working on WordPress. On some websites, I saw that the OK permission for
wp directory is "httpd_sys_r_content_t" and not "httpd_sys_rw_content_t" and someone recommended to back permission via below command:
Code:# restorecon -rv /var/www/wpIs it true? Is "httpd_sys_rw_content_t" a dangerous permission and can lead to hacking?
Thank you.