HPE Community
Operating System - HP-UX
1836442 Members
3618 Online
110100 Solutions
New Discussion

Protect history file

 
Roro_2
Regular Advisor

‎05-24-2007 05:13 PM

‎05-24-2007 05:13 PM

Protect history file

Hi,
I am working on rx1620 server running HPUX 11i v2 ( june 2006) ; for every user ( root and others ) a corresponding shell cmmand history file created in a directory.
I would like to protect the history files because the users are able to delete them from the above directory ( directory permission -wx,-wx,-wx).
How can i protect the files from deletion ;
Is there any other solution.

Thanks and Regards

Roger

0 Kudos
Reply
3 REPLIES 3
Maxim Yakimenko
Super Advisor

‎05-24-2007 06:16 PM

‎05-24-2007 06:16 PM

Re: Protect history file

What is the reason for this? Why you dont want to allow users to delete their own files? What is "above directory"? History file as I know gets created in home dir of user, or I dont know something? If in home directory why permissions of home set to -wx,-wx,-wx? I think it is more preferable to setup concrete groups and set perms to "all for user", "read-exec for his group" or "all for group" if it is a case, "nothing for others".
0 Kudos
Reply
Matti_Kurkela
Honored Contributor

‎05-24-2007 06:29 PM

‎05-24-2007 06:29 PM

Re: Protect history file

The shell command history file is just a convenience feature. It is not a reliable source for auditing user actions, as it can easily be circumvented.

Because the user can write to the file, he/she can always _overwrite_ it with the data of his/her choice. Some shells will keep the history data in memory during the session and only write it out when the user exits the shell. If the user "kill -9":s his/her shell, there will be no record at all about the killed session in the history file.

If you need a reliable log of the users' actions, you have to use the audit subsystem of HP-UX or install some tool that is specifically made for this purpose.

MK
MK
0 Kudos
Reply
Roro_2
Regular Advisor

‎05-24-2007 07:08 PM

‎05-24-2007 07:08 PM

Re: Protect history file

Hello MK,
Thanks a lot for your concern.
Could you help me and tell me how to implement HPUX auditing and how to trace shell users commands from audit files.

Regards

Roger

0 Kudos
Reply
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.