Jesse Keating píše v Ne 07. 12. 2008 v 15:05 -0800: > On Mon, 2008-12-08 at 10:03 +1100, Andrew Bartlett wrote: > > > > Perhaps I'm a bit slow this morning, but vipw is forbidden but > > vi /etc/passwd isn't? > > I think he means "forbidden by policy" in which using anything /but/ the > audit-able tools is "forbidden by policy". If you're expecting > everybody to follow policy, why not just set policy that says "don't > hack this box". That'll work right? Violations of "don't hack this box" don't generate audit messages that can be manually examined for actual intrusions. Violations of "don't access /etc/shadow manually" do. Mirek -- fedora-devel-list mailing list fedora-devel-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/fedora-devel-list
