Marti, Rob wrote: > If you're using RHEL5 you can enable bash auditing. I don't think the same > solution exists for RHEL4 (yet?). > > As far as why, I've been requested to set it up for PCI compliance (since > developers have access to credit card numbers, etc. without going through > sudo) but all my CC handling servers are RHEL4 so... :-/ Oh. I came off a contract the end of April at a company that's both a root CA, and does managed security for PCI/CSS, so I have a clue what you're dealing with. One question: the *developers* have access to numbers, and not test numbers? I believe that you can request card numbers with info explicitly for development and testing. All the rest should be encrypted everywhere where it's not inside a secure subnet, and they'd prefer then, as well, if I understand it correctly. mark -- redhat-list mailing list unsubscribe mailto:redhat-list-request@xxxxxxxxxx?subject=unsubscribe https://www.redhat.com/mailman/listinfo/redhat-list
