Re: root shell auditing
- From: "Gautam R. Singh" <gautam.singh@xxxxxxxxx>
- Date: Wed, 6 Aug 2008 16:30:20 -0400
And there is rootsh as well :)
On Wed, Aug 6, 2008 at 3:17 PM, Christian Lete <clete@xxxxxxxxxxxxxxxx> wrote:
Maybe sudosh can suit your needs.
De: listbounce@xxxxxxxxxxxxxxxxx [mailto:listbounce@xxxxxxxxxxxxxxxxx] En
nombre de Hari Sekhon
Enviado el: Miércoles, 06 de Agosto de 2008 03:16 p.m.
CC: p.turner@xxxxxxxxxxxx; focus-linux
Asunto: Re: root shell auditing
You can implement a simple system by using /usr/bin/script utility andYes I know this one. The problems with all of these little hacks is that
pipe it a fifo on a NFS share for example. You need to establish a
policy of course because there's an easy way to go around it. For more
info and example read "man script".
Hope this helps,
they are easily circumventable.
GrSecurity's Exec logging is something I'm investigating right now...
I've used it's chdir logging on a chrooted server of mine and it's quite