Redhat: Apache webserver SELinux Booleans

Apache Default Active Booleans

httpd_builtin_scripting	permissions for PHP scripts in httpd_t directories
httpd_dbus_avahi	Access from http services to automated IP addresses
httpd_enable_cgi	Allows https services to execute CGI scripts
httpd_tty_comm	Enables communication with controlling terminals, eg for SSL
http_unified	Full read/write/execute access by all httpd_t files
xguest_connect_network	Allows access from secured guests

The full list of inactive booleans is shown below. There are several which are of more interest:

allow_httpd_anon_write	allows apache to write new files with public_content_rw_t type
allow_httpd_mon_auth_ntlm_winbind	support Microsoft authentication databases
allow_httpd_mod_auth_pam	enables access to PAM authentication
allow_httpd_sys_script_anon_write	configures write access by scripts to files with public_content_rw_t type
httpd_can_check_spam	web based email spam detection
httpd_can_network_connect	apache connections to remote ports
httpd_can_network_connect_cobbler	apache connections to cobbler installation servers
httpd_can_network_connect_db	apcahe connections to database servers
httpd_can_network_memcache	http memory caching for translation servers
httpd_can_network_relay	httpd proxy support
httpd_can_sendmail	allows httpd based email services
httpd_enable_homedirs	https access to home directories
httpd_execmem	operation of executable programs requiring access to memory
httpd_read_user_content	access to scripts from home directories
httpd_setrlimit	apache can modify the max number of file descriptors
httpd_ssi_exec	access to ssi scripts
http_tmp_exec	apache access to scripts that require access to /tmp
httpd_use_cifs	access to samba directories
http_use_gpg	allows use of gpg encryption
http_use_nfs	access to nfs shared directories