On Tue, Oct 16, 2018 at 02:15:39AM PDT, Sheogorath spake thusly:
I wonder if there is a way to prevent a direct piping from curl to
bash
using SELinux.
No good way to prevent it. If they can install software they can do it.
Don't install curl. Monitor for process executions. I have auditd log
execs. Anytime someone runs curl or wget in our production environment
something's up.
--
Tracy Reed
http://tracyreed.org
Digital signature attached for your safety.