Vulnerability Development mailing list archives
Re: History Files
From: crispin () WIREX COM (Crispin Cowan)
Date: Sun, 16 Apr 2000 00:56:33 +0000
Dragos Ruiu wrote:
IMHO the process accounting or piping everyone through some sort of logging ptys would be the only feasible ways to pseudo-reliably do this. Bash_history is a good aid, but likely a poor primary security mechanism.
I completely agree; that was more or less the point I was making. If the user has a shell to start with, then they can do controlled exec's, and the shell logging game is over. Of course, in the last half hour about 12 other people have also made this point, so it's not so interesting any more :-) "Process accounting" sounds promising, but I'm not that familiar with Linux's accounting capabilities. For more secure logging, people might want to check out this project to add BSM logging to linux http://soledad.cs.ucdavis.edu/ . There's also an enhanced audit project here http://www.postech.ac.kr/~jong/WEB/files.html I'm not that up on these things, as my research http://immunix.org/ is aimed at preventing the attacer from ever getting to run code on my machine, while still providing a rich set of services. IMHO, it is spectacularly difficult to provide effective security partitioning on a multi-user machines (it can be done, but it's hard, and it makes the machine inconvenient to use). Since PCs are so cheap, just give each user their own machine, rather than giving them a server login account. Crispin ----- Crispin Cowan, CTO, WireX Communications, Inc. http://wirex.com Free Hardened Linux Distribution: http://immunix.org JOBS! http://immunix.org/jobs.html
Current thread:
- Re: Controlling a program's resource usage on Unix, (continued)
- Re: Controlling a program's resource usage on Unix Isaac (Apr 21)
- Re: Controlling a program's resource usage on Unix Crispin Cowan (Apr 16)
- Re: Controlling a program's resource usage on Unix Matej Kovac (Apr 17)
- Re: Controlling a program's resource usage on Unix Pavel Kankovsky (Apr 18)
- Re: History Files David Taylor (Apr 16)
- Re: History Files Boris Sagadin (Apr 17)
- Fwd: RAZOR Analysis of dvwssr.dll Blue Boar (Apr 17)
- Re: History Files iconoclast (Apr 18)
- Re: History Files Bluefish (Apr 19)
- Re: History Files Dragos Ruiu (Apr 15)
- Re: History Files Crispin Cowan (Apr 15)
- Re: History Files Corwin J. Grey (Apr 15)
- Re: History Files Omachonu Ogali (Apr 15)
- Re: History Files Corwin J. Grey (Apr 15)
- Re: History Files Gert-Jan Hagenaars (Apr 16)
- Re: History Files Bluefish (Apr 17)
- Re: History Files Mark Rafn (Apr 16)