Full Disclosure mailing list archives
Re: encrypt the bash history
From: "Zach C." <fxchip () gmail com>
Date: Sun, 6 Feb 2011 13:17:22 -0800
Pretty much what the others said with the addition that if you can't trust root, you simply cannot trust *any* command on that machine, including gpg, since root can compromise them in many ways, too. Best bet is to download it every session and clear it -- but be warned that even any method used to clear it can have a trap that secretly backs it up, however unlikely. Bottom line -- either trust root or don't use the machine. Those are your options if you feel paranoid enough that you don't want root always watching you. It's worth pointing out, by the way, that there are ways of watching your program executions without using your bash history, like auditd for example. In fact, I was able to write a script to parse auditd logs out to do just that in a really easy-to-read way -- "user (running as user2) ran /usr/bin/ssh with args: ssh user@host ..." On Feb 6, 2011 6:18 AM, "Emanuel dos Reis Rodrigues" < emanueldosreis () gmail com> wrote:
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Current thread:
- encrypt the bash history Zerial. (Feb 04)
- Re: encrypt the bash history Valdis . Kletnieks (Feb 04)
- Re: encrypt the bash history Zerial. (Feb 04)
- Re: encrypt the bash history Erik Falor (Feb 04)
- Re: encrypt the bash history Zerial. (Feb 06)
- Re: encrypt the bash history Rodrigo Rubira Branco (BSDaemon) (Feb 06)
- Re: encrypt the bash history Peter Maxwell (Feb 06)
- Re: encrypt the bash history Emanuel dos Reis Rodrigues (Feb 06)
- Re: encrypt the bash history Zerial. (Feb 04)
- Re: encrypt the bash history Valdis . Kletnieks (Feb 04)
- Re: encrypt the bash history Valdis . Kletnieks (Feb 04)
- <Possible follow-ups>
- Re: encrypt the bash history Zach C. (Feb 06)
- Re: encrypt the bash history Cal Leeming [Simplicity Media Ltd] (Feb 06)
- Re: encrypt the bash history Champ Clark III [Softwink] (Feb 08)