On Nov 12, 2006, at 5:11 PM, Ansgar -59cobalt- Wiechers wrote:
On 2006-11-12 Dan Shoop wrote:
At 6:48 PM -0500 11/11/06, Josh Wisenbaker wrote:
I don't worry about it defeating the auditing of sudo commands as
I'm
the only one accessing the servers like that.
Everyone should also understand that anyone who is running as root
can
effectively "clean" whatever audit logs there might be anyway so the
merits of such logging are superficial.
This is true for the majority of all cases. However, you can have
setups
where root cannot edit audit logs that easily, e.g. logging to a
loghost
to which the person has no access, or having printed logs.
Yes, and we also must remember that sudo logging isn't exclusively
(or even mostly, in my view) for tracking only malicious activity...
_______________________________________________
Do not post admin requests to the list. They will be ignored.
Macos-x-server mailing list (email@hidden)
Help/Unsubscribe/Update your Subscription:
This email sent to email@hidden
