Vulnerability Development mailing list archives

Re: History Files


From: bgriffin () CDDB COM (Benjamin Elijah Griffin)
Date: Mon, 17 Apr 2000 10:57:50 -0700


gavina () CSIS GVSU EDU wrote:
> On Sat, 15 Apr 2000, audit wrote:
>> I admin a few Linux servers and have a question about users' .bash_history
>> files. The users on the systems keep their history files but I would like
>> to have what they type logged to /root/history/$user_history
>
> tail -f /home/user/.bash_history > /root/history/user.history
>
> Even if the user has "HISTFILESIZE=0", it will still output the history
> when the user logs out.

:r! cd; ls -l .bash_history
lrwxrwxrwx   1 bgriffin bgriffin        9 Jul  1  1999 .bash_history -> /dev/null

And if I knew that bash was patched to syslog everything, I could
run another shell. Then it becomes the usual escalation battle.
Unless the users have or can get root, this sort of accounting
is probably only reliable in the kernel.

Benjamin
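
An added example, not part of the original message: a check an administrator could run to find accounts where `.bash_history` has been replaced (as with the `/dev/null` symlink shown above) or where the login shell is not bash at all. The function names `history_status`, `audit_history` and `demo`, and the accounts alice, bob and carol, are constructed for illustration.

```sh
#!/bin/sh
# Report accounts whose ~/.bash_history cannot be relied on as a record.
# Input: a passwd(5)-format file (default /etc/passwd).

# Print one status word for a history file path.
history_status() {
    if [ -L "$1" ]; then
        # Replaced by a symlink (the case in the post: -> /dev/null)
        printf 'symlink->%s\n' "$(readlink "$1")"
    elif [ ! -e "$1" ]; then
        echo missing
    elif [ ! -f "$1" ]; then
        echo not-regular-file
    else
        echo regular-file
    fi
}

# Print "user<TAB>finding" for every account with an existing home directory.
audit_history() {
    while IFS=: read -r ah_user ah_pw ah_uid ah_gid ah_gecos ah_home ah_shell; do
        [ -d "$ah_home" ] || continue
        case "$ah_shell" in
            */nologin|*/false) continue ;;   # account cannot log in
            */bash) ah_find=$(history_status "$ah_home/.bash_history") ;;
            *) ah_find="login-shell=$ah_shell" ;;   # bash history is never written
        esac
        printf '%s\t%s\n' "$ah_user" "$ah_find"
    done < "${1:-/etc/passwd}"
}

# Constructed sample tree (not real accounts) showing the three outcomes.
demo() {
    demo_dir=$(mktemp -d) || return 1
    mkdir "$demo_dir/alice" "$demo_dir/bob" "$demo_dir/carol"
    echo 'ls -l' > "$demo_dir/alice/.bash_history"
    ln -s /dev/null "$demo_dir/bob/.bash_history"
    printf '%s\n' \
        "alice:x:1001:1001::$demo_dir/alice:/bin/bash" \
        "bob:x:1002:1002::$demo_dir/bob:/bin/bash" \
        "carol:x:1003:1003::$demo_dir/carol:/bin/tcsh" > "$demo_dir/passwd"
    audit_history "$demo_dir/passwd"
    rm -rf "$demo_dir"
}

case "${1:-}" in
    --demo) demo ;;
    ?*) audit_history "$1" ;;
esac
```

Run it as root so other users' home directories are readable. A `regular-file` result only means the file is in place, not that it is complete.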

