*understands now*

A key-logger is not exactly what he's looking for since he doesn't want to scan ALL keys, just msgs sent to the shell. If it was a keylogger, he would have to try to not scan text input in an email or word processor etc. Also, what if the msg was sent to the shell via a program rather than the keyboard? He may want to filter that as well, dunno.

Is it possible? Yes. I do not know enough of the linux OS to know how programs handle input; How they recieve keystrokes and mouse messages etc. However, the technique would involve hooking the shell's input stream, which should be the same as hooking any running program's input stream on linux. I can't code it, I don't know how it's done, or from the top of my head - how to learn. But I do know it's possible.

And just because I feel like being a cynic, I don't find much use for a program like that. Security checks made at the prompt, and no place else. A purpose specific firewall would be infinitely more useful, and probably already exists. After all, who cares if a program records your password if it never leaves your computer.

*reads first post again*

although, maybe you DO want to intercept traffic sent to other programs (ie keylogger). Just because typing it at the commandline doesn't mean it goes through the shell. In the example above the shell never sees the password, it is the program emulating the shell. So a keylogger or a firewall is the better option.
_________________________
Domain Registration, Hosting, Management
http://www.dollardns.net