Note: This is a beta release of Red Hat Bugzilla 5.0. The data contained within is a snapshot of the live data so any changes you make will not be reflected in the production Bugzilla. Also email is disabled so feel free to test any aspect of the site that you want. File any problems you find or give feedback here.
Bug 235021 - Changes to bash for auditing
Summary: Changes to bash for auditing
Keywords:
Status: CLOSED ERRATA
Alias: None
Product: Red Hat Enterprise Linux 5
Classification: Red Hat
Component: bash
Version: 5.0
Hardware: All
OS: Linux
medium
medium
Target Milestone: ---
: ---
Assignee: Roman Rakus
QA Contact: Chris Ward
URL:
Whiteboard:
Depends On: 244135
Blocks:
TreeView+ depends on / blocked
 
Reported: 2007-04-03 12:49 UTC by Steve Grubb
Modified: 2014-01-13 00:06 UTC (History)
4 users (show)

Fixed In Version:
Doc Type: Enhancement
Doc Text:
Clone Of:
Environment:
Last Closed: 2009-01-20 21:10:12 UTC


Attachments (Terms of Use)
Create advisory TTY audit events (deleted)
2007-06-15 08:28 UTC, Miloslav Trmač
no flags Details | Diff
The patch submitted upstream (deleted)
2007-12-06 00:03 UTC, Miloslav Trmač
no flags Details | Diff


Links
System ID Priority Status Summary Last Updated
Red Hat Product Errata RHBA-2009:0116 normal SHIPPED_LIVE bash bug fix update 2009-01-20 16:04:47 UTC

Description Steve Grubb 2007-04-03 12:49:30 UTC
Description of problem:
NISPOM, DCID 6/3, and PCI security standards all call out for the ability to
monitor the actions of the root user. I'm working on a patch in coordination
with upstream that provides this capability.

The first attempt was to create something like rsh but it was found to be too
easy to defeat. What I would like to do at this point is create a second bash
that has auditing turned on. You could install either bash with or without
auditing. The default would be without.

Comment 1 RHEL Product and Program Management 2007-06-05 20:32:23 UTC
This request was evaluated by Red Hat Product Management for
inclusion in a Red Hat Enterprise Linux release.  Since this
bugzilla is in a component that is not approved for the current
release, it has been closed with resolution deferred.  You may
reopen this bugzilla for consideration in the next release.

Comment 3 Miloslav Trmač 2007-06-15 08:28:29 UTC
Created attachment 157071 [details]
Create advisory TTY audit events

Comment 4 RHEL Product and Program Management 2007-10-16 04:03:00 UTC
This request was evaluated by Red Hat Product Management for inclusion in a Red
Hat Enterprise Linux maintenance release.  Product Management has requested
further review of this request by Red Hat Engineering, for potential
inclusion in a Red Hat Enterprise Linux Update release for currently deployed
products.  This request is not yet committed for inclusion in an Update
release.

Comment 9 Miloslav Trmač 2007-12-06 00:03:40 UTC
Created attachment 278921 [details]
The patch submitted upstream

Comment 18 errata-xmlrpc 2009-01-20 21:10:12 UTC
An advisory has been issued which should help the problem
described in this bug report. This report is therefore being
closed with a resolution of ERRATA. For more information
on therefore solution and/or where to find the updated files,
please follow the link below. You may reopen this bug report
if the solution does not work for you.

http://rhn.redhat.com/errata/RHBA-2009-0116.html


Note You need to log in before you can comment on or make changes to this bug.