Vulnerability Development mailing list archives

Previous By Date Next
Previous By Thread Next

Re: History Files

From: mej () VALINUX COM (Michael Jennings)
Date: Sat, 15 Apr 2000 23:35:28 -0700

On Saturday, 15 April 2000, at 17:31:44 (-0700),
Corwin J. Grey wrote:


Actually there is a pretty good way that is so simple it's nearly foolproof
(there are a one or two ways around it, but any program that spawns a shell
will (if you limit all the shells to bash) launch bash which will write a
session log on exit.

Force each user to use bash first of all, and don't allow them to change
shells.

 In your /root/history/$user_history create a file for the user (e.g.
/root/history/bob)

 mkdir /root/history
 chmod 0777 /root/history

 touch /root/history/bob
 ln -s /root/history/bob /home/bob/.bash_history
 chmod 0600 /root/history/bob
 chown bob.bob /root/history/bob
 chattr +au /root/history/bob

And happy logging :)


I don't suppose anyone realized that the user, having write
permissions to his/her own home directory, could simply remove the
soft link?  Or move it out of the way?

Michael

--
 "To live on as we have is to leave behind joy, and love, and
  companionship, because we know it to be transitory, of the moment.
  We know it will turn to ash."                -- Lorien, Babylon Five
=======================================================================
Michael Jennings  <mej () eterm org>  www.tcserv.com  PGP Key ID: BED09971
Software Engineer, VA Linux Systems       Author, Eterm (www.eterm.org)
Previous By Date Next
Previous By Thread Next

Current thread: