Y
Hacker News
new
|
ask
|
show
|
jobs
by
jrcii
3807 days ago
Some shells do have this built in, for example bash's history file, typically set to ~/.bash_history
1 comments
jlgaddis
3807 days ago
Which is easily defeated, of course ...
link
jrcii
3807 days ago
Some file systems support append-only permissions, although I've never used them. I wonder if that would work with bash's history file?
link
detaro
3807 days ago
No, since you can just turn it off or prepend all your commands with a space to hide them.
link
jrcii
3807 days ago
You can remove ignorespace from HISTCONTROL for the latter, and for the former, can't you just remove chattr's execute permission for that user?
link
jlgaddis
3807 days ago
The user can point $HISTFILE elsewhere (e.g., /dev/null), `unset` it, use another shell, ...
link
jrcii
3806 days ago
It looks like you could lock down the environment variables with rbash
http://unix.stackexchange.com/questions/66627/is-there-anywa...
But that's getting into no-man's land I guess
link