Vulnerability Development mailing list archives

Re: History Files

From: taylord () INFOSECURE COM AU (David Taylor)
Date: Mon, 17 Apr 2000 08:53:20 +0800


Hi all,

I guess that this thread has been done to death by now, but I just wanted
to add a couple of ideas.  Would it be possible to wrap the exec()
syscalls, and write the UID and exec() args to syslog?  This would safely
write a log of all successful AND un-successful commands to a location
that is untouchable by non-root users.  I guess that you could even get
the call wrapper to check the return code from exec and write this to
syslog also.

Regards,
Dave Taylor

Current thread:

Re: History Files, (continued)
- - - Re: History Files Carson Gaspar (Apr 15)
    - limited functionality accounts (was: Re: History Files) Marc Slemko (Apr 16)
    - Re: limited functionality accounts (was: Re: History Files) Seth R Arnold (Apr 16)
    - Re: limited functionality accounts (was: Re: History Files) Einar Indridason (Apr 26)
    - Controlling a program's resource usage on Unix Bernie Cosell (Apr 16)
    - Re: Controlling a program's resource usage on Unix Seth R Arnold (Apr 16)
    - Re: Controlling a program's resource usage on Unix Isaac (Apr 21)
    - Re: Controlling a program's resource usage on Unix Crispin Cowan (Apr 16)
    - Re: Controlling a program's resource usage on Unix Matej Kovac (Apr 17)
    - Re: Controlling a program's resource usage on Unix Pavel Kankovsky (Apr 18)
    - Re: History Files David Taylor (Apr 16)
    - Re: History Files Boris Sagadin (Apr 17)
    - Fwd: RAZOR Analysis of dvwssr.dll Blue Boar (Apr 17)
    - Re: History Files iconoclast (Apr 18)
    - Re: History Files Bluefish (Apr 19)
  - Re: History Files Dragos Ruiu (Apr 15)
    - Re: History Files Crispin Cowan (Apr 15)
- Re: History Files Seth R Arnold (Apr 15)
- Re: History Files Omachonu Ogali (Apr 15)
  - Re: History Files Corwin J. Grey (Apr 15)
- Re: History Files Corwin J. Grey (Apr 15)

(Thread continues...)