On Fri, Sep 26, 2014 at 08:35:27PM -0500, kristau wrote: > Maybe I'm missing something here, but wouldn't properly configured SELINUX > policies prevent an apache/httpd owned cgi from executing /bin/bash? Webservers should run chroot, no reason to have to depend on selinux. Nicolai