Vulnerability Development mailing list archives
Re: History Files
From: techs () OBFUSCATION ORG (Erik Fichtner)
Date: Sat, 15 Apr 2000 19:54:50 -0400
On Sat, Apr 15, 2000 at 07:34:54PM -0400, Dan Garcia wrote:
In /etc/profile u can set many things. One is the HISTFILE. Default is ~user/.bash_history but u can specify another one. May i add that login what user does on the shell can be futile. And experience user can add to his .bash_profile the line: export HISTFILE=/dev/null and voila! are never logged.
You can just remove the HISTFILE and HISTLINES support from bash and hardcode them into the shell. of course, then the user will just use .logout to rm .bash_history. as long as they have write access to the file, they can destroy it. the syslog() idea is about the best that you can do, as far as I've seen. of course, they'll just exec /bin/sh when they want to hide from you. -- Erik Fichtner; Warrior SysAdmin (emf|techs) 34.9908% http://www.obfuscation.org/techs/ N 38 53.055' W 77 21.860' 764 ft. "What's the most effective Windows NT remote management tool?" "A car." -- Stephen Northcutt
Current thread:
- quick dirty and most of all-easy process accounting via lkm, (continued)
- quick dirty and most of all-easy process accounting via lkm Security Team (Apr 16)
- Re: History Files George Dodd (Apr 18)
- Re: History Files Perly (Apr 19)
- Re: History Files joyce (Apr 19)
- non-exec stack Lamagra Argamal (Apr 19)
- Weakness of static addr & MySQL database Tompkins, William A (Apr 20)
- Re: Weakness of static addr & MySQL database Jim Kinney (Apr 20)
- Re: History Files Jeff Bachtel (Apr 15)
- Re: History Files Ron DuFresne (Apr 15)
- Re: History Files Erik Fichtner (Apr 15)
- Re: History Files Scott D. Yelich (Apr 19)