1

Is there a way to log every execution of perl scripts on the complete server? I am investigating a possible security issue and therefore want to log every perl execution.

Is something like this possible?

Thanks in advance

PS: Running CentOS 6.5 including Plesk 12

mario.schlipf
  • 185
  • 2
  • 9
  • The only way I could think of it is using a wrapper, but unfortunately that causes a whole new set of issues. This issue comes up for different reasons, moreso because people want to use a wrapper to use different versions of perl on the same machine. You can look up "perl wrapper" and see the types of headaches involed. Sorry :( Hopefully the wrapper idea gives you some other ideas though. – ben Aug 05 '14 at 18:12

1 Answers1

0

It sounds like what you want is auditing. Logging 'every time perl is run' isn't particularly easy - as the other poster mentions, wrappers can be a real pain to manage, and doesn't stop someone having their own perl binary.

However, CentOs does support Kernel Auditing. In which a record is made of lots of things, and people don't usually bother because it's extremely verbose.

I'm afraid I can't give any more detail really, because auditing tends to be a real pain to set up and enable first time, but otherwise you don't really need to touch it. I would suggest you look in your favourite search engine for how to enable and configure.

Sobrique
  • 3,747
  • 2
  • 15
  • 36
  • 1
    https://access.redhat.com/documentation/en-US/Red_Hat_Enterprise_Linux/6/html/Security_Guide/chap-system_auditing.html should help you get auditing going – chicks Aug 11 '14 at 01:54