1. Home
  2. Mitigations
  3. Environment Variable Permissions

Environment Variable Permissions

Prevent modification of environment variables by unauthorized users and groups.

ID: M1039
Version: 1.0
Created: 11 June 2019
Last Modified: 11 June 2019
Version Permalink
Enterprise Layer
download view

Techniques Addressed by Mitigation

Domain ID Name Use
Enterprise T1562 .003 Impair Defenses: Impair Command History Logging

Prevent users from changing the HISTCONTROL, HISTFILE, and HISTFILESIZE environment variables. [1]
Enterprise T1070 .003 Indicator Removal: Clear Command History

Making the environment variables associated with command history read only may ensure that the history is preserved.[1]

References

  1. Mathew Branwell. (2012, March 21). Securing .bash_history file. Retrieved July 8, 2017.