FAQ Search Today's Posts Mark Forums Read
» Video Reviews

» Linux Archive

Linux-archive is a website aiming to archive linux email lists and to make them easily accessible for linux users/developers.


» Sponsor

» Partners

» Sponsor

Go Back   Linux Archive > Debian > Debian User

 
 
LinkBack Thread Tools
 
Old 03-08-2012, 01:16 PM
Stayvoid
 
Default Securing Debian Manual: 4.10.9.2 Using the shell history file

Hello.

"Note that you could introduce the configuration above in the user's
.profile. But then you would need to setup permissions properly in
such a way that prevents the user from modifying this file. This
includes: having the user's home directories not belong to the user
(since he would be able to remove the file otherwise) but at the same
time enable them to read the .profile configuration file and write on
the .bash_history. It would be good to set the immutable flag (also
using chattr) for .profile too if you do it this way."
How to make this?

http://www.debian.org/doc/manuals/securing-debian-howto/ch4.en.html

Cheers


--
To UNSUBSCRIBE, email to debian-user-REQUEST@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
Archive: CAK5fS_EaGCQB--UsebUSG-uoH+WS-hORDtNeMMnLnom2Xn7jRw@mail.gmail.com">http://lists.debian.org/CAK5fS_EaGCQB--UsebUSG-uoH+WS-hORDtNeMMnLnom2Xn7jRw@mail.gmail.com
 
Old 03-08-2012, 09:29 PM
Martin Steigerwald
 
Default Securing Debian Manual: 4.10.9.2 Using the shell history file

Am Donnerstag, 8. März 2012 schrieb Stayvoid:
> Hello.

Hi Stayvoid,

> "Note that you could introduce the configuration above in the user's
> .profile. But then you would need to setup permissions properly in
> such a way that prevents the user from modifying this file. This
> includes: having the user's home directories not belong to the user
> (since he would be able to remove the file otherwise) but at the same
> time enable them to read the .profile configuration file and write on
> the .bash_history. It would be good to set the immutable flag (also
> using chattr) for .profile too if you do it this way."
> How to make this?
>
>
> http://www.debian.org/doc/manuals/securing-debian-howto/ch4.en.html

Well its explained there in quite a good detail.

The command for changing attributes is mentioned some sentences above and
if you want to tackle anything out of this manual, you´d properly better
know how to change permissions on files and directories. I think such basic
stuff does not belong here. Security is no cut&paste thing IMHO, but
involves *understanding* whats going on.

Forcing users to keep their history might rise legal privacy protection
issues.

Ciao,
--
Martin 'Helios' Steigerwald - http://www.Lichtvoll.de
GPG: 03B0 0D6C 0040 0710 4AFA B82F 991B EAAC A599 84C7


--
To UNSUBSCRIBE, email to debian-user-REQUEST@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
Archive: 201203082329.45010.Martin@lichtvoll.de">http://lists.debian.org/201203082329.45010.Martin@lichtvoll.de
 

Thread Tools




All times are GMT. The time now is 09:18 PM.

VBulletin, Copyright ©2000 - 2014, Jelsoft Enterprises Ltd.
Content Relevant URLs by vBSEO ©2007, Crawlability, Inc.
Copyright ©2007 - 2008, www.linux-archive.org