Re: process accounting
From: Reveret Julien (shaddai_at_nerim.net)
Date: 05/27/03
- Previous message: Patrascu Eugeniu: "Re: process accounting"
- In reply to: Patrascu Eugeniu: "Re: process accounting"
- Next in thread: mark.securityfocus_at_winksmith.com: "Re: process accounting"
- Reply: mark.securityfocus_at_winksmith.com: "Re: process accounting"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Tue, 27 May 2003 19:15:02 +0200 To: focus-linux@securityfocus.com
On Tue, May 27, 2003 at 10:51:46AM +0300, Patrascu Eugeniu wrote:
> On Mon, 2003-05-26 at 21:38, Reveret Julien wrote:
> >
> > What you can do is patch your system with grsec patches, or patch your
> > users' shell. There is a patch for bash which makes bash logs everything
> > that is typed (I don't remember the url, search for bash+logging+patch).
>
>
> Why don't you use the good old process accounting feature ?
Because this guy wants to log all the arguments of every command run by
users, process accounting doesn't. Moreover, lastcomm output is not
that easy to read when you need some informations, whereas a log which
looks like a .bash_history, with timestamps, can makes it easier to
catch these informations.
-- We are the knights who say echo '16i[q]sa[ln0=aln100%Pln100/snlbx]sbA0D4D465452snlbxq'|dc
- Previous message: Patrascu Eugeniu: "Re: process accounting"
- In reply to: Patrascu Eugeniu: "Re: process accounting"
- Next in thread: mark.securityfocus_at_winksmith.com: "Re: process accounting"
- Reply: mark.securityfocus_at_winksmith.com: "Re: process accounting"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
