Date: Tue, 7 Jan 1997 09:41:54 -0700 (MST) From: Softweyr LLC <softweyr@xmission.com> To: veraldi@CS.UniBO.IT (Riccardo Veraldi) Cc: questions@freebsd.org Subject: Re: new bash of mine Message-ID: <199701071641.JAA12239@xmission.xmission.com> In-Reply-To: <Pine.SUN.3.91.970107161616.12719A-100000@flora> from "Riccardo Veraldi" at Jan 7, 97 04:16:52 pm
index | next in thread | previous in thread | raw e-mail
Riccardo Veraldi recently stated:
> I have modifyed a GNU Bourne Again Shell version 1.14.7
> this shell now intercepts every command line of the user
> and writes it in a database file together with the name of the user
> and the time when the user did the certain command line using the shell.
> The shell also does not allow to the user to delete or look inside
> the database unless the user is root.
> IF a user try to look in the database or to corrupt it the shell send
> a mail to root about the user behaviour.
> I have also modifyed the makefile to be suitable for the freeBSD UN*X
> environment.
> Could this shell be interesting for admin porpouse ?
> I mean could this be interesting as FreeBSD tool for administrators
> who do not trust so much in their users ?
Certainly. An ISP looking to record the actions of their users, for
instance, might be *very* interested in this, if implemented in a
secure manner. Where do the database files end up? How are they
written in a manner that the user cannot access them, even though the
log entries are coming from him?
> Who I have to ask for if my program is interesting?
I would be interested in looking at your changes. Can you make a set
of context diffs so I can patch a source tree?
We should probably take the rest of this discussion over to the
security mail list; I've directed replies there. If you don't
subscribe to that list already, you should. It is a relatively
low-volume list, with not much chattering.
--
"Where am I, and what am I doing in this handbasket?"
Wes Peters Softweyr LLC
http://www.xmission.com/~softweyr softweyr@xmission.com
help
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199701071641.JAA12239>