Home page logo
/

basics logo Security Basics mailing list archives

RE: bash_history to track users
From: "Thiago Lima " <thiagolima () webforce com br>
Date: Fri, 14 Nov 2003 18:02:34 -0200


But not too different. The user must still have write access. 
Otherwise, how would the shell write to it? If the shell can 
write to it, so can the user. Anyway, what if the user has 
more than one instance running? .bash_history only has the 
history of one instance. Or tcsh? Or any other shell for that matter?

you could use a special partition that you only store those 'bash logs'
and set it to just allow appends. Files can't be deleted or edited.

man e2fs

regards
thiago.


---------------------------------------------------------------------------
Forum Systems PRESIDIO: PGP / XML GATEWAY APPLIANCE
The Presidio integrates PGP data encryption and XML Web Services security to 
simplify the management and deployment of PGP and reduce overall PGP costs 
by up to 80%.
FREE WHITEPAPER & 30 Day Trial - 
http://www.securityfocus.com/sponsor/ForumSystems_security-basics_031027 
----------------------------------------------------------------------------


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]