On Fri, 04 Feb 2011 16:18:53 -0300, "Zerial." said: > The "way" is not safe enough. root can login as me (su - user) and > bash_history will be decrypted. I try to find any better way to crypt > and make unreadable the bash_history file from any other users, > including root. Agreed. GPG makes the rather rash assumption that you use it on a system where the computing resources can be at least somewhat trusted (i.e. it assumes you're not on a system that somebody else may have installed a keystroke logger or similar). 1a) It may be simpler/safer to totally disable the feature so you don't leave behind a .bash_history. 1b) If you don't trust root with your .bash_history, why do you trust root with every single keystroke you entered while doing the commands that created that history? (Think about that for a bit...)
Attachment:
pgpa5Sij3wXUG.pgp
Description: PGP signature
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/