Re: How protect bash history file, do audit alike in server

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]



On 08/08/2012 11:34 AM, Brian Mathis wrote:
> Capturing history files is error-prone and a very bad way to approach
> this problem.  You should instead look into using process accounting,
> provided by the psacct package.  You can read about it here:
> http://www.cyberciti.biz/tips/howto-log-user-activity-using-process-accounting.html

+1

bash_history is not a log for the admin, it's a convenience for the 
user.  Users who want to hide their tracks can unset HISTFILE or switch 
to a different shell.  Process accounting is the only solution that's 
even remotely reliable.

_______________________________________________
CentOS mailing list
CentOS@xxxxxxxxxx
http://lists.centos.org/mailman/listinfo/centos


[Index of Archives]     [CentOS]     [CentOS Announce]     [CentOS Development]     [CentOS ARM Devel]     [CentOS Docs]     [CentOS Virtualization]     [Carrier Grade Linux]     [Linux Media]     [Asterisk]     [DCCP]     [Netdev]     [Xorg]     [Linux USB]
  Powered by Linux