Unix下是否有记录所有用户command history的工具？ - 未名空间MITBBS历史存档

国际科技财经博客移民网络热点娱乐民生时事公众号

Redian新闻

>未名空间

>Security - 系统安全

Unix下是否有记录所有用户command history的工具？

Unix下是否有记录所有用户command history的工具？# Security - 系统安全

z*q2003-03-13 08:03

1 楼

There are usually history files under a user's home directory. But is there
away to log all user's commands reliably? That is, a user can't delete the
log, and the sysadmin can view all the commands executed by a user.

p*s2003-03-13 08:03

2 楼

"accton" will turn on process logging.
Every process executed will be logged and can be analyzed.
However, as the logged data is so big, you need futuristic
data mining technology to see what has happened.

【在 z*q 的大作中提到】

: There are usually history files under a user's home directory. But is there
: away to log all user's commands reliably? That is, a user can't delete the
: log, and the sysadmin can view all the commands executed by a user.

m*r2003-03-13 08:03

3 楼

由超级用户打开system log功能
所有用户的命令会被记载到/var/adm/log
不过用处不大，用户完全可以把他的某个恶意程序执行伪装成是在执行
普通操作，比如编辑什么程序

【在 p****s 的大作中提到】

:
: "accton" will turn on process logging.
: Every process executed will be logged and can be analyzed.
: However, as the logged data is so big, you need futuristic
: data mining technology to see what has happened.