Redhat: Apache webserver SELinux Booleans

Apache Default Active Booleans

httpd_builtin_scripting	permissions for PHP scripts in httpd_t directories
httpd_dbus_avahi	Access from http services to automated IP addresses
httpd_enable_cgi	Allows https services to execute CGI scripts
httpd_tty_comm	Enables communication with controlling terminals, eg for SSL
http_unified	Full read/write/execute access by all httpd_t files
xguest_connect_network	Allows access from secured guests

The full list of inactive booleans is shown below. There are several which are of more interest:

allow_httpd_anon_write	permissions for PHP scripts in httpd_t directories
allow_httpd_mon_auth_ntlm_winbind	Access from http services to automated IP addresses
allow_httpd_mod_auth_pam	Allows https services to execute CGI scripts
allow_httpd_sys_script_anon_write	Enables communication with controlling terminals, eg for SSL
httpd_can_check_spam	Full read/write/execute access by all httpd_t files
httpd_can_network_connect	Allows access from secured guests
httpd_can_network_connect_cobbler	permissions for PHP scripts in httpd_t directories
httpd_can_network_connect_db	Access from http services to automated IP addresses
httpd_can_network_memcache	Allows https services to execute CGI scripts
httpd_can_network_relay	Enables communication with controlling terminals, eg for SSL
httpd_can_sendmail	Full read/write/execute access by all httpd_t files
httpd_enable_homedirs	Allows access from secured guests
httpd_execmem	permissions for PHP scripts in httpd_t directories
httpd_read_user_content	Access from http services to automated IP addresses
httpd_setrlimit	Allows https services to execute CGI scripts
httpd_ssi_exec	Enables communication with controlling terminals, eg for SSL
http_tmp_exec	Full read/write/execute access by all httpd_t files
httpd_use_cifs	Allows access from secured guests
http_use_gpg	Full read/write/execute access by all httpd_t files
http_use_nfs	Allows access from secured guests