|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
From: Zerial. (fernando
zerial.org)
Date: Fri Feb 04 2011 - 13:18:53 CST
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
On 02/04/11 16:13, Valdis.Kletnieksvt.edu wrote:
> On Fri, 04 Feb 2011 16:06:06 -0300, "Zerial." said:
>> what is the best way to encrypt the bash_history file?
>> I try using crypt/decrypt with GPG when login/logout. It works, but not
>> safe enough.
>
> Explain what the threat model is, and why GPG isn't safe enough? It's kind of
> hard to recommend "best" when we don't understand what the criteria are...
>
The "way" is not safe enough. root can login as me (su - user) and
bash_history will be decrypted. I try to find any better way to crypt
and make unreadable the bash_history file from any other users,
including root.
- --
Zerial
Seguridad Informatica
GNU/Linux User #382319
Blog: http://blog.zerial.org
Jabber: zerialjabberes.org
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/
iEYEARECAAYFAk1MURwACgkQIP17Kywx9JRGXwCfToQUoK083yvMoDPcfPXSLQ9t
RpgAnjrhppTAnLB/ZAthZMpOvvMaGQ5o
=rm9l
-----END PGP SIGNATURE-----
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]