..and you're not the onlyone with that problem.
I'm doin an "ultimate-yber-security" module (actually tryin to get it to work in 2.6, worked like charm in 2.4..) that, when system has "unwanted" visitors (read: hackers) stealing the root account, keeps a "hidden" account up, and when U log in (whit that hidden) , it jamms *every* command that the unwanted gues tries to use.. and hides itself from ls'ing, accessing directly, logs, and from seeing that it has been loaded...
...Was kinda neet to listen what a friend of mine said, when I created a fake-root account on my pc, and let him to log in and do all the damage he could do..
I'd also appriciate a solution of somekind to that problem.