There's some software floating around that uses LD_PRELOAD to track the commands executed on a Linux system. It does this by intercepting calls to the execve(3) library function and emitting a log entry for each such call. This can make sense from a "let's keep some kind of record of what my well-intentioned friends are doing on the system" perspective, but is pretty useless as a "defend against someone who is aiming to attack me" perspective.
dumblob
dumblob
/ antisnoopy.md
Created
January 15, 2022 23:28
antisnoopy: defeating LD_PRELOAD tracking of execve
dumblob
/ git-tools.kak
Created
March 25, 2014 22:02
git-tools.kak - POSIX compliant rewrite [NOT tested!]
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| decl str docsclient | |
| hook global WinSetOption filetype=git-log %{ | |
| addhl group git-log-highlight | |
| addhl -group git-log-highlight regex '^(commit) ([0-9a-f]+)$' 1:yellow 2:red | |
| addhl -group git-log-highlight regex '^([a-zA-Z_-]+:) (.*?)$' 1:green 2:magenta | |
| } | |
| hook global WinSetOption filetype=(?!git-log).* %{ | |
| rmhl git-log-highlight |