Vulnerability Development mailing list archives
Re: History Files
From: mej () VALINUX COM (Michael Jennings)
Date: Sat, 15 Apr 2000 23:35:28 -0700
On Saturday, 15 April 2000, at 17:31:44 (-0700), Corwin J. Grey wrote:
Actually there is a pretty good way that is so simple it's nearly foolproof (there are a one or two ways around it, but any program that spawns a shell will (if you limit all the shells to bash) launch bash which will write a session log on exit. Force each user to use bash first of all, and don't allow them to change shells. In your /root/history/$user_history create a file for the user (e.g. /root/history/bob) mkdir /root/history chmod 0777 /root/history touch /root/history/bob ln -s /root/history/bob /home/bob/.bash_history chmod 0600 /root/history/bob chown bob.bob /root/history/bob chattr +au /root/history/bob And happy logging :)
I don't suppose anyone realized that the user, having write permissions to his/her own home directory, could simply remove the soft link? Or move it out of the way? Michael -- "To live on as we have is to leave behind joy, and love, and companionship, because we know it to be transitory, of the moment. We know it will turn to ash." -- Lorien, Babylon Five ======================================================================= Michael Jennings <mej () eterm org> www.tcserv.com PGP Key ID: BED09971 Software Engineer, VA Linux Systems Author, Eterm (www.eterm.org)
Current thread:
- Re: History Files, (continued)
- Re: History Files Dragos Ruiu (Apr 15)
- Re: History Files Crispin Cowan (Apr 15)
- Re: History Files Dragos Ruiu (Apr 15)
- Re: History Files Seth R Arnold (Apr 15)
- Re: History Files Omachonu Ogali (Apr 15)
- Re: History Files Corwin J. Grey (Apr 15)
- Re: History Files Corwin J. Grey (Apr 15)
- Re: History Files Omachonu Ogali (Apr 15)
- Re: History Files Corwin J. Grey (Apr 15)
- Re: History Files Gert-Jan Hagenaars (Apr 16)
- Re: History Files Bluefish (Apr 17)
- Re: History Files Omachonu Ogali (Apr 15)
- Re: History Files Michael Jennings (Apr 15)
- Re: History Files Mark Rafn (Apr 16)
- Alternative to historyfile logging. Joel Eriksson (Apr 17)
- Re: History Files Joel Eriksson (Apr 17)
- Re: History Files spiff (Apr 18)
- Re: History Files Corwin J. Grey (Apr 16)
- Re: History Files Michael Jennings (Apr 16)
- Cooments on the dvwssr.dll vulnerability threads Iván Arce (Apr 17)
- Re: History Files Senior Systems Administrator - Kris W. (Apr 16)
- quick dirty and most of all-easy process accounting via lkm Security Team (Apr 16)