Simplicity is a form of art...

Limiting file access with SELinux alone?
by Sven Vermeulen, post on Tue 31 December 2013

While writing a small script to handle simple certificate authority activities using OpenSSL, I considered how to properly protect the files that OpenSSL uses for these activities. As you are probably aware, a system that hosts the necessary files for CA activities (like signing certificate requests) should be very secure …