On 6 Dec 2012, at 20:19, Tim Daneliuk <tun...@tundraware.com> wrote:
> On 12/06/2012 12:55 PM, n j wrote:
>> On Thu, Dec 6, 2012 at 12:47 AM, Tim Daneliuk <tun...@tundraware.com> wrote:
>>> ...
>>> Well ... does auditd provide a record of every command issued within a
>>> script?
>>> I was under the impression (and I may well be wrong) that it noted only
>>> the name of the script being executed.
>>
>> Even if you configured auditd to record every command issued within a
>> script, you'd still have a problem if a malicious user put the same
>> commands inside a binary.
>>
>> As some people already pointed out, there is practically no way to
>> control users once you give them root privileges.
>
> I understand this. Even the organization in question understands
> this. They are not trying to *prevent* any kind of access. All
> they're trying to do is *log* it. Why? To meet some obscure
> compliance requirement they have to adhere to in order to
> remain in business.
>
> <rant>
> I know all of this is silly but that's our future when you
> let Our Fine Government regulate pretty much anything.
> </rant>
>

This sounds awfully similar to PCI DSS requirements to me. Nothing to do with .gov then ;)