On Tue, Sep 25, 2007 at 10:18:17 -0400, Gene Heskett <gene.heskett@xxxxxxxxxxx> wrote: > On Tuesday 25 September 2007, Frank Cox wrote: > >On Tue, 25 Sep 2007 01:19:51 -0700 > > > >Brian Mury <brianmury@xxxxxxxxxxxxxx> wrote: > >> That would work, so long as the user doesn't modify ~/.bash_logout. > > > >chown root.root .bash_logout > >chmod 444 .bash_logout > >cp .bash_logout /etc/skel > > > >You're off to the races. > > > Oooh, that's nasty. It won't work against hostile users unless you also change ownership of their home directory. Otherwise they will be able to delete the file. And even if you do that they should be able to kill their shell and avoid running .logout that way. Better to just tell them to behave or else and not prevent them from being able to share .logout for stuff they might want to do.
