| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Sun, 6 Feb 2011 13:17:22 -0800
From: "Zach C." <fxchip@...il.com>
To: Emanuel dos Reis Rodrigues <emanueldosreis@...il.com>
Cc: full-disclosure@...ts.grok.org.uk
Subject: Re: encrypt the bash history
Pretty much what the others said with the addition that if you can't trust
root, you simply cannot trust *any* command on that machine, including gpg,
since root can compromise them in many ways, too. Best bet is to download it
every session and clear it -- but be warned that even any method used to
clear it can have a trap that secretly backs it up, however unlikely.
Bottom line -- either trust root or don't use the machine. Those are your
options if you feel paranoid enough that you don't want root always watching
you.
It's worth pointing out, by the way, that there are ways of watching your
program executions without using your bash history, like auditd for example.
In fact, I was able to write a script to parse auditd logs out to do just
that in a really easy-to-read way -- "user (running as user2) ran
/usr/bin/ssh with args: ssh user@...t ..."
On Feb 6, 2011 6:18 AM, "Emanuel dos Reis Rodrigues" <
emanueldosreis@...il.com> wrote:
Content of type "text/html" skipped
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
Powered by blists - more mailing lists