On Wed, Sep 30, 2020 at 03:57:56PM +0000, Jason Long wrote:
Could SELinux protect a server from Reverse Shell attacks? When
hackers
access to the CMSes like WordPress then they do a Reverse Shell for access
to the server. Could SELinux block it?
Yes, in a number of ways. First, it can constrain the WordPress process so
that whatever is needed to get the exploit into WordPress is blocked.
Second, even if that hole is wide open, it could prevent such a shell from
being launched. And third, it could constrain suspicious outgoing
connections, making a reverse shell attack impossible.
--
Matthew Miller
<mattdm(a)fedoraproject.org>
Fedora Project Leader