Hi, it's mostly a question out of curiosity but maybe useful for some people. I wonder if there is a way to prevent a direct piping from curl to bash using SELinux. And of course one can download a file and then run bash on it, but a simple rule that prevents direct piping would at least give a heads up about it. -- Signed Sheogorath
Attachment:
signature.asc
Description: OpenPGP digital signature
_______________________________________________ selinux mailing list -- selinux@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe send an email to selinux-leave@xxxxxxxxxxxxxxxxxxxxxxx Fedora Code of Conduct: https://getfedora.org/code-of-conduct.html List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/selinux@xxxxxxxxxxxxxxxxxxxxxxx