From owner-freebsd-hackers Tue Feb 11 0: 4:22 2003 Delivered-To: freebsd-hackers@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id E984037B401; Tue, 11 Feb 2003 00:04:21 -0800 (PST) Received: from foem.leiden.webweaving.org (fia224-72.dsl.hccnet.nl [62.251.72.224]) by mx1.FreeBSD.org (Postfix) with ESMTP id B2C0943F93; Tue, 11 Feb 2003 00:04:17 -0800 (PST) (envelope-from dirkx@webweaving.org) Received: from foem (foem [10.11.0.2]) by foem.leiden.webweaving.org (8.12.6/8.12.6) with ESMTP id h1B84Bwc040543 (version=TLSv1/SSLv3 cipher=EDH-RSA-DES-CBC3-SHA bits=168 verify=NO); Tue, 11 Feb 2003 09:04:11 +0100 (CET) (envelope-from dirkx@webweaving.org) Date: Tue, 11 Feb 2003 09:04:11 +0100 (CET) From: Dirk-Willem van Gulik X-X-Sender: dirkx@foem.leiden.webweaving.org To: Julian Elischer Cc: hackers@FreeBSD.ORG, Subject: Re: Some "security" questions. In-Reply-To: Message-ID: <20030211090102.A39612-100000@foem.leiden.webweaving.org> MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-hackers@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG On Mon, 10 Feb 2003, Julian Elischer wrote: > 1/ Command logging. We're thinking that a hacked version of the shell > that logs commands may do what they want, but personally I > think that if you are going to log things then you really want to > PROPERLY do it, and log the EXEC commands along with the arguments. > (sadmin et al. doesn't give arguments, and neither does ktrace) For a quick solution; we've simply used the script command - which execvp()'s into the shell. But that is nowhere near a ktrace. Dw. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-hackers" in the body of the message