Mailing List Archive

   tlug.jp -> Mailing List -> tlug archive -> tlug Mailing List Archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [tlug] comand-line recording...

On 2009-09-28 15:58 +0900 (Mon), Bruno Raoult wrote:

> > >From the description we have so far, it's not a problem if users
> > circumvent the auditing, so long as they don't do it by writing the log
> > file being created.
> 
> Yes, the only thing I want to protect is the log file...

This is what I really don't get. Basically, a logfile that doesn't show
what really happened is fine, so long as it was produced in one way,
rather than another.

> 1) The generic account history file will be shared by all
> support/developers, and we would be unable to find who really typed a
> given command.

This makes things even more interesting. I don't use generic
accounts myself, for a lot of very good reasons, but you appear to
be saying something along the lines of Joe logging in and saying,
"record-my-actions as fred" is ok, or even forgetting to run the
"record-my-actions" command is ok, but Joe doing something like
"record-my-actions as joe" and then later doing "mv joe.log fred.log" is
not acceptable.

cjs
-- 
Curt Sampson       <cjs@example.com>        +81 90 7737 2974
           Functional programming in all senses of the word:
                   http://www.starling-software.com
Home | Main Index | Thread Index

Home Page Mailing List Linux and Japan TLUG Members Links