On Tue, Oct 16, 2018 at 02:15:39AM PDT, Sheogorath spake thusly: > I wonder if there is a way to prevent a direct piping from curl to bash > using SELinux. No good way to prevent it. If they can install software they can do it. Don't install curl. Monitor for process executions. I have auditd log execs. Anytime someone runs curl or wget in our production environment something's up. -- Tracy Reed http://tracyreed.org Digital signature attached for your safety.
Attachment:
signature.asc
Description: PGP signature
_______________________________________________ selinux mailing list -- selinux@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe send an email to selinux-leave@xxxxxxxxxxxxxxxxxxxxxxx Fedora Code of Conduct: https://getfedora.org/code-of-conduct.html List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/selinux@xxxxxxxxxxxxxxxxxxxxxxx
