Re: bash_history to track users

From: Ansgar -59cobalt- Wiechers (bugtraq_at_planetcobalt.net)
Date: 11/17/03

  • Next message: Zachary Mutrux: "RE: Linux for newbies"
    Date: Mon, 17 Nov 2003 10:12:25 +0100
    To: security-basics@securityfocus.com
    
    

    On 2003-11-14 jrd@gerdesas.com wrote:
    > Perhaps I am missing something here, but wouldn't modifying bash to
    > syslog the activities be a little more secure in the long run?

    Yes and no. Having every user's input logged to syslog would most likely
    lead to a dramatically increasing syslog size. You will have to make
    sure that the user won't be able to change his/her shell thus bypassing
    your measures.

    Also keep in mind that logging user input may be considered a privacy
    violation depending on your country's jurisdiction and the company's
    policy.

    Regards
    Ansgar Wiechers

    ---------------------------------------------------------------------------
    Forum Systems PRESIDIO: PGP / XML GATEWAY APPLIANCE
    The Presidio integrates PGP data encryption and XML Web Services security to
    simplify the management and deployment of PGP and reduce overall PGP costs
    by up to 80%.
    FREE WHITEPAPER & 30 Day Trial -
    http://www.securityfocus.com/sponsor/ForumSystems_security-basics_031027
    ----------------------------------------------------------------------------


  • Next message: Zachary Mutrux: "RE: Linux for newbies"