An attacker will have a hard time escaping the SELinux jail on your browser? The browser with JIT? The browser that can save files that the user can execute? The browser that downloads open-source software from sites that have been trojaned? The user that can ptrace his own processes? The user that can modify his own .bashrc? The user that can add a line to his .bashrc to present a trojaned bash to the user? That can present a fake password/two-factor prompt and just pass on the credentials invisibly?
Default SELinux policies aren't going to do anything. If a policy is generic enough for everyone's individual use-cases, it's weak enough for the user to shoot himself in the foot. Your generic distro kernels also have a nice huge attack surface. An attacker can prepare for all of these things in advance for a pretty one-shot: your kernel is public, your policies are public.
Always execute ssh with the full path because your $PATH can't be trusted? If your $PATH can't be trusted, you will have more problems than executing ssh as /usr/bin/ssh will solve.
Keep on believing! This SELinux/two-factor religion will surely pay off. It's no wonder you can't secure your systems.
Copyright © 2017, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds