bash history security

Bash history can reviel what a person commands where .
but what if the person wants to hide his tracks , he may use the

unset HISTFILE

will couse bash to delete the history upon logout .
there is how ever a harden attribute you may set to overcome this problem
when a user login , there are set of files/scripts the profile runs .
one place you may put such script would be under /etc/profile.d/ , with file extension sh
as it is being called by /etc/profile .
just place this small line in there :

readonly HISTFILE

now when a person wants to unset this parameter , bash will scream with this error

-su: unset: HISTFILE: cannot unset: readonly variable
Posted in Tips and Tricks Tagged with: , ,