@dumblob
dumblob / antisnoopy.md
Created January 15, 2022 23:28
antisnoopy: defeating LD_PRELOAD tracking of execve

There's some software floating around that uses LD_PRELOAD to track the commands executed on a Linux system. It does this by intercepting calls to the execve(3) library function and emitting a log entry for each such call. This can make sense from a "let's keep some kind of record of what my well-intentioned friends are doing on the system" perspective, but is pretty useless from a "defend against someone who is aiming to attack me" perspective.
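
The interception described above, as an added example (not code from this gist or from any particular tool): a minimal preload library that exports its own `execve`, writes one syslog entry per call, and forwards to libc through `dlsym(RTLD_NEXT, ...)`. The helper name `format_exec_entry`, the log format and the syslog facility are assumptions chosen for illustration.

```c
#define _GNU_SOURCE            /* for RTLD_NEXT */
#include <dlfcn.h>
#include <stdio.h>
#include <string.h>
#include <syslog.h>
#include <unistd.h>

#ifndef RTLD_NEXT              /* glibc's value, if feature macros were fixed earlier */
#define RTLD_NEXT ((void *)-1L)
#endif

/* Render "uid=N path arg1 arg2 ..." into buf (hypothetical format).
 * Always NUL-terminates, truncates safely, returns the bytes written. */
size_t format_exec_entry(char *buf, size_t cap, unsigned uid,
                         const char *path, char *const argv[])
{
    if (cap == 0) return 0;
    buf[0] = '\0';
    int n = snprintf(buf, cap, "uid=%u %s", uid, path ? path : "(null)");
    size_t len = (n < 0) ? 0 : ((size_t)n >= cap ? cap - 1 : (size_t)n);
    /* argv[0] repeats the program name, so log only the remaining arguments. */
    for (size_t i = 1; argv && argv[0] && argv[i] && len + 1 < cap; i++) {
        n = snprintf(buf + len, cap - len, " %s", argv[i]);
        if (n < 0) break;
        len += ((size_t)n >= cap - len) ? cap - len - 1 : (size_t)n;
    }
    return len;
}

typedef int (*execve_fn)(const char *, char *const[], char *const[]);

/* Same name as libc's wrapper: with this library in LD_PRELOAD, the dynamic
 * linker binds callers to this definition before it reaches libc. */
int execve(const char *path, char *const argv[], char *const envp[])
{
    char entry[1024];
    format_exec_entry(entry, sizeof entry, (unsigned)getuid(), path, argv);
    syslog(LOG_AUTHPRIV | LOG_INFO, "%s", entry);

    /* Look up the next definition in search order, i.e. the real libc execve. */
    execve_fn real = (execve_fn)dlsym(RTLD_NEXT, "execve");
    return real ? real(path, argv, envp) : -1;
}
```

Built as a shared object (for example `gcc -shared -fPIC -o execlog.so execlog.c -ldl`, file names assumed), it records a call only when that call is resolved to this symbol by the dynamic linker, so the log reflects cooperative processes rather than everything that runs.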