I have a shell command flow from many users, and I want to filter readonly commands. Now, my solution is to check each command with a readonly command list (eg, cd
, ll
, ls
, cat
, ldd
, top
and so on).
There are 2 drawbacks in my solution:
So, is there any better solution for this problem?
Sounds like you may be looking for auditd
, available for Linux (not sure about other OS's). This facility will allow you to put alerts on whatever files you want so that writes to them are logged. You can also audit system calls.
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.