Security Basics mailing list archives

Previous By Date Next
Previous By Thread Next

Re: bash_history to track users

From: Todd Neal <tolchz () tolchz net>
Date: Thu, 6 Nov 2003 15:53:58 -0500

* On  Thu, Nov  6 11:56AM Helder Miguel Rodrigues <hmgr () netcabo pt> said :

See
http://freshmeat.net/projects/xsh-paranoia/?branch_id=43687&release_id=136308&topic_id=884%2C862%2C148%2C136

I think it will help you!



This won't help if the user :
        compiles their own shell
        runs an installed shell that isn't patched
        writes a mini shell in perl (chdir, stat, opendir, unlink, etc.)
        launches eshell from within Emacs, a shell written entirely in elisp


And this is just from thinking for a few seconds, there are several other ways to 
run a command without letting the patched shell see it.

Todd


---------------------------------------------------------------------------
Forum Systems PRESIDIO: PGP / XML GATEWAY APPLIANCE
The Presidio integrates PGP data encryption and XML Web Services security to 
simplify the management and deployment of PGP and reduce overall PGP costs 
by up to 80%.
FREE WHITEPAPER & 30 Day Trial - 
http://www.securityfocus.com/sponsor/ForumSystems_security-basics_031027 
----------------------------------------------------------------------------
Previous By Date Next
Previous By Thread Next

Current thread: