Preventing modification of /etc/ld.so.preload with SELinux
The /etc/ld.so.preload is an environment variable in Linux that specifies a list of dynamic shared object (DSO) libraries to be preloaded before any others when a program is executed. These libraries can override functions and behaviors of other libraries, allowing for interception and modification of system calls and program behavior. This feature is often exploited by rootkits, malicious software designed to stay hidden with unauthorized access and control over a system.
Read now