PCI-DSS: Log every root actions/keystrokes but avoid passwords
Richard Guy Briggs
rgb at redhat.com
Tue Mar 12 20:47:42 UTC 2013
On Tue, Mar 12, 2013 at 07:06:59AM -0400, Miloslav Trmac wrote:
> ----- Original Message -----
> > I am resurrecting this old thread from last summer because I ran into the same
> > issue and found the thread in the archives via Google. It would be very nice if
> > everything could be logged except passwords.
>
> There is work being done. Sorry, I don't have more specifics as to
> availability, perhaps others do.
Hi Tracy,
I'm actually working on that right now. I have a patch I am in the
process of testing. It implements a new sysctl. I'm working in
the upstream kernel, so it will likely be available in Linus' git tree
before anywhere else. After that, likely fedora, then RHEL, but I'm a
bit new to that process.
I don't see a reason why I couldn't post that patch here when I've got
it ironed out.
> Mirek
- RGB
--
Richard Guy Briggs <rbriggs at redhat.com>
Senior Software Engineer
AMER ENG Base Operating Systems
Remote, Canada, Ottawa
Voice: 1.647.777.2635
Internal: (81) 32635
More information about the Linux-audit
mailing list