And I make a habit of running all of my web browser traffic through a logging proxy so I can debug odd stuff. That protects only against semi-skilled attackers which probably means - not root. I really think the author of the question should look at encrypted scripts (see Filter) and consider all the caveats that entails.

Either that or only work on operating systems where root doesn't actually have root access.

Update: I'm really inexpert in this realm but this sort of thing comes up on bugtraq occasionally. I'm gesturing vaguely in the direction of Mandatory Access Control which is a broad area and really isn't my turf. I never really bothered to keep those lists around since I don't operate in environments where the admins aren't trusted.

__SIG__
use B;
printf "You are here %08x\n", unpack "L!", unpack "P4", pack
  "L!", B::svref_2object(sub{})->OUTSIDE;
[download]