Hi,
Im new to grsecurity,
I want apache2 to only
- access (rX, not write, not delete) /var/www /srv/a /srv/b
- rwx /var/log (d is not needed, delete is done via logrotate right?)
- what eles apache2 needs?
- apache2 will run only PHP, will not execute CGI scripts - what can I add?
- php uses mysql, postgresql
what EXACLY and WHERE should I add, how to test do it work, what are some tips&tricks in case of trouble?