Full Disclosure mailing list archives

Previous By Date Next
Previous By Thread Next

Re: encrypt the bash history

From: "Zerial." <fernando () zerial org>
Date: Fri, 04 Feb 2011 16:18:53 -0300
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On 02/04/11 16:13, Valdis.Kletnieks () vt edu wrote:

On Fri, 04 Feb 2011 16:06:06 -0300, "Zerial." said:

what is the best way to encrypt the bash_history file?
I try using crypt/decrypt with GPG when login/logout. It works, but not
safe enough.


Explain what the threat model is, and why GPG isn't safe enough?  It's kind of
hard to recommend "best" when we don't understand what the criteria are...



The "way" is not safe enough. root can login as me (su - user) and
bash_history will be decrypted. I try to find any better way to crypt
and make unreadable the bash_history file from any other users,
including root.





- -- 
Zerial
Seguridad Informatica
GNU/Linux User #382319
Blog: http://blog.zerial.org
Jabber: zerial () jabberes org
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/

iEYEARECAAYFAk1MURwACgkQIP17Kywx9JRGXwCfToQUoK083yvMoDPcfPXSLQ9t
RpgAnjrhppTAnLB/ZAthZMpOvvMaGQ5o
=rm9l
-----END PGP SIGNATURE-----

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
Previous By Date Next
Previous By Thread Next

Current thread: