Re: Preventing curl | bash

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On 10/17/2018 11:13 AM, Tracy Reed wrote:
On Tue, Oct 16, 2018 at 02:15:39AM PDT, Sheogorath spake thusly:
I wonder if there is a way to prevent a direct piping from curl to bash
using SELinux.
No good way to prevent it. If they can install software they can do it.
Don't install curl. Monitor for process executions. I have auditd log
execs. Anytime someone runs curl or wget in our production environment
something's up.
chmod 700 $(which curl)

but a selinux policy preventing those exact pipe invocations would be interesting
_______________________________________________
selinux mailing list -- selinux@xxxxxxxxxxxxxxxxxxxxxxx
To unsubscribe send an email to selinux-leave@xxxxxxxxxxxxxxxxxxxxxxx
Fedora Code of Conduct: https://getfedora.org/code-of-conduct.html
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: https://lists.fedoraproject.org/archives/list/selinux@xxxxxxxxxxxxxxxxxxxxxxx




[Index of Archives]     [Fedora Users]     [Fedora Desktop]     [Big List of Linux Books]     [Yosemite News]     [Yosemite Campsites]     [KDE Users]     [Gnome Users]

  Powered by Linux