BTW, a lot of those attributes aren’t respected by filesystems, …

Friday, 19th April 2024

Comment on How to make sure your Linux system users won’t hide or delete their .bash_history / Securing .bash_history file – Protect Linux system users shell history by Rob Fortune.

BTW, a lot of those attributes aren’t respected by filesystems, the “secure delete” being a prime example. ext2 and ext3 are explicitly mentioned as ignoring it in the manual; I tested it with ext4, and ext4 too takes no notice. I filed a bug on it and the response made me believe there are other attribs commonly ignored – you should test they actually work with your file system before relying on them.

Rob Fortune Also Commented

How to make sure your Linux system users won’t hide or delete their .bash_history / Securing .bash_history file – Protect Linux system users shell history
Do you have python or perl installed? A quick REPL loop that executes system calls and you have a very lame bash with no history 🙂


How to make sure your Linux system users won’t hide or delete their .bash_history / Securing .bash_history file – Protect Linux system users shell history
You could of course patch bash to not have these options, but you were correct in saying “it won’t a 100% guarantee that a good cracker won’t be able to come up with a way to get around the imposed .bash_history security measures.”

I’m far from a good cracker 🙂 I bet there are other ways around it too.


How to make sure your Linux system users won’t hide or delete their .bash_history / Securing .bash_history file – Protect Linux system users shell history
rob@bob:~/tmp/foo> exec env -i bash --noprofile --norc
bash-4.1$ unset HISTFILE
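
The relaunch shown above leaves no trace in .bash_history, but it is still a process execution. The following is an added example, not part of Rob Fortune's comments: it assumes the host records execve calls with auditd, and it flags shells started without startup files or with an emptied environment. The log lines are constructed, and the function names are hypothetical.

```python
import os
import re

SHELLS = {"bash", "sh", "dash", "zsh"}
SKIP_FLAGS = {"--noprofile", "--norc"}
ENV_CLEAR = {"-i", "-", "--ignore-environment"}
ARG_RE = re.compile(r'\ba(\d+)=("[^"]*"|[0-9A-Fa-f]+)')

# Constructed sample records (not taken from the page or from a real host).
HEX_ARG = "exec env -i bash --noprofile --norc".encode().hex().upper()
SAMPLE_LOG = f"""\
type=EXECVE msg=audit(1713520001.101:880): argc=2 a0="ls" a1="-la"
type=EXECVE msg=audit(1713520002.202:881): argc=5 a0="env" a1="-i" a2="bash" a3="--noprofile" a4="--norc"
type=EXECVE msg=audit(1713520003.303:882): argc=1 a0="bash"
type=EXECVE msg=audit(1713520004.404:883): argc=3 a0="/bin/bash" a1="--norc" a2="-i"
type=EXECVE msg=audit(1713520005.505:884): argc=3 a0="env" a1="-i" a2="python3"
type=EXECVE msg=audit(1713520006.606:885): argc=3 a0="sh" a1="-c" a2={HEX_ARG}
"""

def parse_execve(line):
    """Return argv from one auditd EXECVE record, or None for other records."""
    if not line.startswith("type=EXECVE"):
        return None
    args = {}
    for idx, raw in ARG_RE.findall(line):
        if raw.startswith('"'):
            args[int(idx)] = raw[1:-1]
        else:  # auditd hex-encodes arguments that contain spaces or special bytes
            args[int(idx)] = bytes.fromhex(raw).decode("utf-8", "replace")
    return [args[i] for i in sorted(args)]

def flag_history_evasion(argv):
    """Return the reasons a command line sidesteps profile-based history settings."""
    tokens = [t for arg in argv for t in arg.split()]  # also looks inside sh -c '...'
    names = [os.path.basename(t) for t in tokens]
    has_shell = any(n in SHELLS for n in names)
    env_clear = any(a == "env" and b in ENV_CLEAR for a, b in zip(names, names[1:]))
    reasons = []
    if has_shell and SKIP_FLAGS & set(tokens):
        reasons.append("shell started without startup files")
    if has_shell and env_clear:
        reasons.append("shell started with emptied environment")
    return reasons

def scan(log_text):
    """Return (command line, reasons) for every flagged EXECVE record."""
    parsed = (parse_execve(line) for line in log_text.splitlines())
    hits = ((" ".join(a), flag_history_evasion(a)) for a in parsed if a)
    return [(cmd, why) for cmd, why in hits if why]
```

Shell builtins such as `unset HISTFILE` never produce an EXECVE record, so this catches only the relaunch step, and an interpreter started on its own (the `env -i python3` line) is not flagged.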

