malware disabling SELinux

0001-01-01

Some Linux malware, such as Skidmap, disables SELinux by running commands such as:

echo 0 > /selinux/enforce
setenforce 0
setenforce Permissive

Alternatively, they may edit /etc/sysconfig/selinux, setting SELINUX=enforcing, SELINUX=disabled, SELINUXTYPE=targeted, or similar settings that disable SELinux or render it ineffective.
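
A detection sketch for both behaviours above, added here as an example and not taken from any tool or from the linked article. The function names, the sample command lines, and the sample config are constructed for illustration; the /sys/fs/selinux/enforce path is included as an assumption because it is where selinuxfs is mounted on current distributions.

```python
import re

# Runtime commands listed in this note. /sys/fs/selinux/enforce is the
# selinuxfs path on current distributions (added as an assumption).
RUNTIME_PATTERNS = [
    re.compile(r"\bsetenforce\s+(0|permissive)\b", re.IGNORECASE),
    re.compile(r"\becho\s+0\s*>\s*(?:/sys/fs)?/selinux/enforce\b"),
]

def flag_commands(cmdlines):
    """Return command lines that switch SELinux out of enforcing mode."""
    return [c for c in cmdlines if any(p.search(c) for p in RUNTIME_PATTERNS)]

def config_findings(text):
    """Return (line_number, line) for every SELINUX= assignment that is not
    'enforcing' in the contents of /etc/sysconfig/selinux."""
    findings = []
    for number, line in enumerate(text.splitlines(), 1):
        stripped = line.strip()
        # Skip comments (the stock file documents SELINUX= in comments).
        if stripped.startswith("#") or "=" not in stripped:
            continue
        key, value = (part.strip() for part in stripped.split("=", 1))
        if key == "SELINUX" and value.lower() != "enforcing":
            findings.append((number, stripped))
    return findings

# Constructed sample input: command lines as they might appear in shell
# history or process telemetry, and a tampered config file.
SAMPLE_CMDLINES = [
    "setenforce 0",
    "/usr/sbin/setenforce Permissive",
    "sh -c echo 0 > /selinux/enforce",
    "getenforce",
    "setenforce 1",
]
SAMPLE_CONFIG = """\
# SELINUX= can take one of these three values: enforcing, permissive, disabled
SELINUX=disabled
SELINUXTYPE=targeted
"""

if __name__ == "__main__":
    for cmd in flag_commands(SAMPLE_CMDLINES):
        print("runtime disable:", cmd)
    for number, line in config_findings(SAMPLE_CONFIG):
        print(f"config line {number}: {line}")
```

The config check flags every non-enforcing SELINUX= assignment, so a file containing conflicting assignments is reported as well.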

https://www.tecmint.com/disable-selinux-in-centos-rhel-fedora/

