users logs

[mark]

Abdelkader Yousfi wrote:
> so you mean no way for having each command hit by each users except getting
> bach_history file !!!
> because i want to get my system more secure and seeing each user what he
> does or what he is doing in shell
> Thx!
> 
I am now questioning *why* you want to do this. Is this a requirement from
management, and, if so, for what reason? Do you believe someone inside is
grossly violating company policy, or doing corporate espionage?

	mark
> On Tue, Jun 9, 2009 at 4:40 PM, mark <m.roth2006 at rcn.com> wrote:
> 
>> Abdelkader Yousfi wrote:
>>> All,
>>>
>>> How can we know on RHEL what each users is doing on the system (commands,
>>> file accessing...etc)?
>>> Thanks!
>> Are you talking about *every* *single* *command* (assuming we're not
>> talking X
>> here, but shell), or just when they issue commands with root privilege?
>>
>> If the latter, they should be using sudo most of the time, and then
>> everything
>> will be logged in /var/log/secure.
>>
>> If you mean the former, that's inane. They started doing that at a major
>> corporation I worked at in '03, allegedly as part of their SOX
>> (Sarbanes-Oxley)
>> compliance, and it's a bad joke; it's more 'if anyone ever asks, we'll bury
>> them under so much info that they'll never find what they're looking for".
>>
>> Really - what do you actually *need* to know? What are you trying to
>> achieve?
>> Logging everything that everyone does, say, by copying their .bash_history
>> file
>> every few minutes, or adding a shell wrapper that logs it, the way the
>> company
>> I worked for did, for more than a handful of people will *bury* you.
>>
>> While we're at it, though I hate it, are you using selinux?
>>
>>        mark
>>
>> --
>> redhat-list mailing list
>> unsubscribe mailto:redhat-list-request at redhat.com?subject=unsubscribe
>> https://www.redhat.com/mailman/listinfo/redhat-list
>>
> 
> 
>