Security Basics mailing list archives
RE: bash_history
From: Alexander Klimov <alserkli () inbox ru>
Date: Tue, 12 Apr 2005 17:16:54 +0300 (IDT)
On Mon, 11 Apr 2005, Nuno Costa wrote:
if you just want to prevent the user from modify or delete entrys from the bash_history file, and do not touch permissions and other stuff, maybe is create backups in realtime from this files, in a root dir, where the user cant touch it...
.bash_history is written only on (clean) exit, so if, for example, you kill -9 $$ the history file will be never updated.
so if the user tries to modify or delete this file, you have in your root dir, backups from this files, that was created in real time.
BTW: this would allow to make a DoS attack on disk space (even if each user has his own quota)... Probably the easiest way to record user's activity is to force her to use script (man script). -- Regards, ASK --------------------------------------------------------------------------- Earn your MS in Information Security ONLINE Organizations worldwide are in need of highly qualified information security professionals. Norwich University is fulfilling this demand with its MS in Information Security offered online. Recognized by the NSA as an academically excellent program, NU offers you the opportunity to earn your degree without disrupting your home or work life. http://www.msia.norwich.edu/secfocus_en ----------------------------------------------------------------------------
Current thread:
- bash_history Alejandro Flores (Apr 08)
- Re: bash_history Michael Gale (Apr 09)
- Re: bash_history l0rd4gu1 (Apr 09)
- Re: bash_history tmpgl (Apr 11)
- Re: bash_history John R. Morris (Apr 09)
- Re: bash_history Johnny Mast (Apr 09)
- RE: bash_history Alexandre Skyrme (Apr 11)
- RE: bash_history Nuno Costa (Apr 11)
- RE: bash_history Alexander Klimov (Apr 12)
- RE: bash_history Nuno Costa (Apr 11)
- Re: bash_history Igor Plisco (Apr 14)
- <Possible follow-ups>
- Re: bash_history Daniel Cid (Apr 09)
- RE: bash_history Simon Li (Apr 11)