On Fri, Jan 10, 2014 at 1:16 PM, Bryan Harris <bryanlharris@xxxxxx> wrote:
Hello,
I'm wondering if it is possible to use selinux network & process labeling, iptables, and something like /usr/bin/script to create an environment where we can enforce session recording for ssh sessions.
We will soon have a requirement to record our actions on customer environments, but at the same time we also need to block users who have not activated the recording. Is selinux policy an appropriate way to accomplish these requirements? I'd like to search for the details and learn more, but if I'm taking the wrong approach I'd like to know that before starting out.
Any guidance is greatly appreciated. Thanks in advance.
V/r,
Bryan
_______________________________________________
Selinux mailing list
Selinux@xxxxxxxxxxxxx
To unsubscribe, send email to Selinux-leave@xxxxxxxxxxxxx.
To get help, send an email containing "help" to Selinux-request@xxxxxxxxxxxxx.
Hello Bryan,
have a look at ttyrec -- you can set it as shell to do ssh session recording per-user and without fiddling in kernel space, and you can enforce it that way even without selinux for non-root users.
If you are interested in restricting root user and maybe play with the live system -- feel free to contact me offlist, i've done the similar things for my selinux playbox, and (i'll check now) i think its still alive.
regards,
ilya
_______________________________________________ Selinux mailing list Selinux@xxxxxxxxxxxxx To unsubscribe, send email to Selinux-leave@xxxxxxxxxxxxx. To get help, send an email containing "help" to Selinux-request@xxxxxxxxxxxxx.
