Re: User Auditing

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Georgios Magklaras wrote:
>   On 09/23/2010 06:43 PM, Marti, Robert wrote:
<snip>
> What I said refers to the whole picture. What you really want to do is
> to correlate events that occur. Logging keystrokes gives you the
> keyboard stream, but does not always help you to correlate what you type
> and what happens at the OS layer. As for privacy, there are reasons that
> I can tell you it's a bad idea to do it. For example, I have found that
> my sysadmins type occasionally sensitive (as opposed to private) info,
> such as rhn reg keys or ssh passwords. These do not really need to be
> inside a text log file in plain text.

Um, yep. I'd be VERY, VERY UPSET if someone had my password in a plain
text logfile emailed to another server. That, alone, would break your
security.

       mark

-- 
redhat-list mailing list
unsubscribe mailto:redhat-list-request@xxxxxxxxxx?subject=unsubscribe
https://www.redhat.com/mailman/listinfo/redhat-list


[Index of Archives]     [CentOS]     [Kernel Development]     [PAM]     [Fedora Users]     [Red Hat Development]     [Big List of Linux Books]     [Linux Admin]     [Gimp]     [Asterisk PBX]     [Yosemite News]     [Red Hat Crash Utility]


  Powered by Linux