Go to:
Gentoo Home
Documentation
Forums
Lists
Bugs
Planet
Store
Wiki
Get Gentoo!
Gentoo's Bugzilla – Attachment 91498 Details for
Bug 91327
Bash Syslog patch
Home
|
New
–
[Ex]
|
Browse
|
Search
|
Privacy Policy
|
[?]
|
Reports
|
Requests
|
Help
|
New Account
|
Log In
[x]
|
Forgot Password
Login:
[x]
[patch]
Corrected patch for bash-3.1
bash-3.1-bash-logger.patch (text/plain), 2.16 KB, created by
Victor Nawothnig
on 2006-07-11 12:30:24 UTC
(
hide
)
Description:
Corrected patch for bash-3.1
Filename:
MIME Type:
Creator:
Victor Nawothnig
Created:
2006-07-11 12:30:24 UTC
Size:
2.16 KB
patch
obsolete
>Add support for logging bash commands via syslog(). >Useful for deploying in honeypot environments. > >http://bugs.gentoo.org/show_bug.cgi?id=91327 >http://www.nardware.co.uk/Security/html/bashlogger.htm > >--- bashhist.c >+++ bashhist.c >@@ -705,7 +705,7 @@ > { > hist_last_line_added = 1; > hist_last_line_pushed = 0; >- add_history (line); >+ add_history (line, 1); > history_lines_this_session++; > } > >--- lib/readline/histexpand.c >+++ lib/readline/histexpand.c >@@ -1222,9 +1222,7 @@ > > if (only_printing) > { >-#if 0 >- add_history (result); >-#endif >+ add_history (result, 1); > return (2); > } > >--- lib/readline/histfile.c >+++ lib/readline/histfile.c >@@ -262,7 +262,7 @@ > { > if (HIST_TIMESTAMP_START(line_start) == 0) > { >- add_history (line_start); >+ add_history (line_start,0); > if (last_ts) > { > add_history_time (last_ts); >--- lib/readline/history.c >+++ lib/readline/history.c >@@ -31,6 +31,8 @@ > > #include <stdio.h> > >+#include <syslog.h> >+ > #if defined (HAVE_STDLIB_H) > # include <stdlib.h> > #else >@@ -246,10 +250,24 @@ > /* Place STRING at the end of the history list. The data field > is set to NULL. */ > void >-add_history (string) >- const char *string; >+add_history (string, logme) >+ const char *string; >+ int logme; /* 0 means no sending history to syslog */ > { > HIST_ENTRY *temp; >+ if (logme) { >+ if (strlen(string)<600) { >+ syslog(LOG_LOCAL5 | LOG_INFO, "HISTORY: PID=%d UID=%d %s", >+ getpid(), getuid(), string); >+ } >+ else { >+ char trunc[600]; >+ strncpy(trunc,string,sizeof(trunc)); >+ trunc[sizeof(trunc)-1]='\0'; >+ syslog(LOG_LOCAL5 | LOG_INFO, "HISTORY: PID=%d UID=%d %s(++TRUNC)", >+ getpid(), getuid(), trunc); >+ } >+ } > > if (history_stifled && (history_length == history_max_entries)) > { >--- lib/readline/history.h >+++ lib/readline/history.h >@@ -80,7 +80,7 @@ > > /* Place STRING at the end of the history list. > The associated data field (if any) is set to NULL. */ >-extern void add_history PARAMS((const char *)); >+extern void add_history PARAMS((const char *, int )); > > /* Change the timestamp associated with the most recent history entry to > STRING. */
<b>You cannot view the attachment while viewing its details because your browser does not support IFRAMEs. <a href="attachment.cgi?id=91498">View the attachment on a separate page</a>.</b>
View Attachment As Diff
View Attachment As Raw
Actions:
View
|
Diff
Attachments on
bug 91327
:
57941
|
57967
|
91498
