Abdelkader Yousfi wrote: > so you mean no way for having each command hit by each users except getting > bach_history file !!! > because i want to get my system more secure and seeing each user what he > does or what he is doing in shell > Thx! > I am now questioning *why* you want to do this. Is this a requirement from management, and, if so, for what reason? Do you believe someone inside is grossly violating company policy, or doing corporate espionage? mark > On Tue, Jun 9, 2009 at 4:40 PM, mark <m.roth2006@xxxxxxx> wrote: > >> Abdelkader Yousfi wrote: >>> All, >>> >>> How can we know on RHEL what each users is doing on the system (commands, >>> file accessing...etc)? >>> Thanks! >> Are you talking about *every* *single* *command* (assuming we're not >> talking X >> here, but shell), or just when they issue commands with root privilege? >> >> If the latter, they should be using sudo most of the time, and then >> everything >> will be logged in /var/log/secure. >> >> If you mean the former, that's inane. They started doing that at a major >> corporation I worked at in '03, allegedly as part of their SOX >> (Sarbanes-Oxley) >> compliance, and it's a bad joke; it's more 'if anyone ever asks, we'll bury >> them under so much info that they'll never find what they're looking for". >> >> Really - what do you actually *need* to know? What are you trying to >> achieve? >> Logging everything that everyone does, say, by copying their .bash_history >> file >> every few minutes, or adding a shell wrapper that logs it, the way the >> company >> I worked for did, for more than a handful of people will *bury* you. >> >> While we're at it, though I hate it, are you using selinux? >> >> mark >> >> -- >> redhat-list mailing list >> unsubscribe mailto:redhat-list-request@xxxxxxxxxx?subject=unsubscribe >> https://www.redhat.com/mailman/listinfo/redhat-list >> > > > -- redhat-list mailing list unsubscribe mailto:redhat-list-request@xxxxxxxxxx?subject=unsubscribe https://www.redhat.com/mailman/listinfo/redhat-list
