Method to Provide Flexible Enhanced/Extended Attributes for Linux/Unix/Windows Based Shell Command History

IP.com Disclosure Number: IPCOM000246439D
Publication Date: 2016-Jun-06
Document File: 4 page(s) / 73K

Publishing Venue

The IP.com Prior Art Database

Abstract

Disclosed is a highly customizable control mechanism for providing/displaying extended attributes for privileged and/or non-privileged command execution from a Linux*/Unix*/Windows* based shell history. This control mechanism spans all users, all groups, all commands (executable from shells), many shells, and many Linux/Unix/Windows based and other operating systems distribution levels to provide maximum flexibility in defining and implementing history command extended attributes.

This text was extracted from a PDF file.
This is the abbreviated version, containing approximately 45% of the total text.

A method is needed that enables the understanding of which end user and/or Internet Protocol (IP) Address executed commands in a Linux*/Unix*/Windows* (and other operating systems (OS)) shell history for dedicated/non-shared user identifiers (IDs) as well as shared user IDs, with or without multiple users simultaneously utilizing the shared user IDs. This problem occurs when multiple users are simultaneously utilizing a shared user ID, for shared user IDs that are not simultaneously being shared, and for dedicated user IDs. This problem can occur across the wide range of Linux/Unix/Windows and other OS available shells.

This solution provides both user and system level control mechanisms in which any executed commands, including non-privileged and/or privileged command execution (e.g., multiple Linux/Unix/Windows based and other OS shells), can be enhanced in the shell history with extended attributes. This provides additional helpful information for purposes such as auditing, debugging, security, and more.

The novel method provides highly customizable user and system capabilities to provide extended/additional attributes in the shell history including:

• IP address of login user ID that executed the command
• Login user ID
• Login user ID pseudo terminal
• Additional optional attributes such as a subset of the uptime, finger, and/or other commands
• End-user specified attributes

The novel method provides a wide range of configurations and implementations including differentiation from the individual user level, individual command level, and the individual shell, to all commands, all users, and all shells, including specifications for:

• Any user ID of any type including non-privileged, application, database, or system privileged
• Any groups of user IDs, defined at either the system level or configured within this solution
• Any shell command line executable command with any variations
• Many Linux/Unix/Windows based and other OS shells
• Many Linux/Unix/Windows based distributions, as well as for other Operating Systems in general.

The method employs a shell wrapper for each supported shell type to implement the extended (additional) attributes to be included in the shell history. Individual user IDs, as well as the system administrator, may implement a local copy of these shell history command extended attributes.

The actual update of the shell history command entry is performed by a shell wrapper, customized/specific to the Linux/Unix/Windows based shell in use. Said shell wrapper compares the executed command to a set of end user defined rules, which are contained in a flexible configuration file(s). If the executed command matches all of the rules specified for the executing user, shell, and command, then the system displays the previously executed command in the shell history with t...
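
The rule check described above, written out as an added example; it is not code from the disclosure. The rule format, the function names `match_rule` and `annotate_entry`, and the session values are assumptions made for illustration.

```shell
#!/bin/sh
# Added example. The rule format is an assumption, not taken from the disclosure:
#   effective-user | shell | command (shell glob patterns) | attributes
RULES='
# Shared ID: annotate every command in every shell.
oracle|*|*|ip,user,tty
# Any user running sudo from bash.
*|bash|sudo *|ip,user
# A per-user rule for one command.
alice|*|rm *|tty
'

# Print the attribute list of the first rule matching user, shell and command.
# Exit status 1 means no rule matched.
match_rule() (
    user=$1 shell=$2 cmd=$3
    while IFS='|' read -r u s c attrs; do
        case $u in ''|'#'*) continue ;; esac        # skip blanks and comments
        case $user  in $u) ;; *) continue ;; esac
        case $shell in $s) ;; *) continue ;; esac
        case $cmd   in $c) ;; *) continue ;; esac
        printf '%s\n' "$attrs"
        exit 0
    done <<EOF
$RULES
EOF
    exit 1
)

# Render one history entry. login, ip and tty are parameters here; a wrapper
# would collect them once per session (for example from logname and tty).
annotate_entry() (
    user=$1 shell=$2 login=$3 ip=$4 tty=$5 cmd=$6
    attrs=$(match_rule "$user" "$shell" "$cmd") || { printf '%s\n' "$cmd"; exit 0; }
    out=
    IFS=,
    for a in $attrs; do
        case $a in
            ip)   out="$out ip=$ip" ;;
            user) out="$out login=$login" ;;
            tty)  out="$out tty=$tty" ;;
        esac
    done
    printf '[%s] %s\n' "${out# }" "$cmd"
)

# Constructed session: bob logs in from 203.0.113.7 on pts/3, then works as oracle.
annotate_entry oracle bash bob 203.0.113.7 pts/3 'sqlplus / as sysdba'
```

A shell history file is writable by the user it describes, so annotated entries serve as audit evidence only when they are also forwarded to a log that user cannot edit.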