Full Disclosure mailing list archives
Re: encrypt the bash history
From: "Cal Leeming [Simplicity Media Ltd]" <cal.leeming () simplicitymedialtd co uk>
Date: Mon, 7 Feb 2011 06:44:47 +0000
This may/may not be relevant to your interests. Me and a friend once stumbled across a lovely sys admin many years ago, that patched bash to force it to log remotely (no I don't have the source). Long story short, it got the desired effect that the sys admin was wanting lol. On Sun, Feb 6, 2011 at 9:17 PM, Zach C. <fxchip () gmail com> wrote:
Pretty much what the others said with the addition that if you can't trust root, you simply cannot trust *any* command on that machine, including gpg, since root can compromise them in many ways, too. Best bet is to download it every session and clear it -- but be warned that even any method used to clear it can have a trap that secretly backs it up, however unlikely. Bottom line -- either trust root or don't use the machine. Those are your options if you feel paranoid enough that you don't want root always watching you. It's worth pointing out, by the way, that there are ways of watching your program executions without using your bash history, like auditd for example. In fact, I was able to write a script to parse auditd logs out to do just that in a really easy-to-read way -- "user (running as user2) ran /usr/bin/ssh with args: ssh user@host ..." On Feb 6, 2011 6:18 AM, "Emanuel dos Reis Rodrigues" < emanueldosreis () gmail com> wrote: _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Current thread:
- Re: encrypt the bash history, (continued)
- Re: encrypt the bash history Valdis . Kletnieks (Feb 04)
- Re: encrypt the bash history Zerial. (Feb 04)
- Re: encrypt the bash history Erik Falor (Feb 04)
- Re: encrypt the bash history Zerial. (Feb 06)
- Re: encrypt the bash history Rodrigo Rubira Branco (BSDaemon) (Feb 06)
- Re: encrypt the bash history Peter Maxwell (Feb 06)
- Re: encrypt the bash history Emanuel dos Reis Rodrigues (Feb 06)
- Re: encrypt the bash history Zerial. (Feb 04)
- Re: encrypt the bash history Valdis . Kletnieks (Feb 04)
- Re: encrypt the bash history Valdis . Kletnieks (Feb 04)
- Re: encrypt the bash history Cal Leeming [Simplicity Media Ltd] (Feb 06)
- Re: encrypt the bash history Champ Clark III [Softwink] (Feb 08)