On Mon, 2007-07-30 at 08:11 -0500, Eric Crist wrote:
> On Jul 30, 2007, at 7:34 AMJul 30, 2007, Adam J Richardson wrote:
> > Tom Evans wrote:
> >> This seems great in principle, but of course, you just gave them a  
> >> root
> >> shell, and so they can delete their log file easily enough...
> >
> > You could have cron email it to you every 5 minutes. Unlikely he'd  
> > check the crontab immediately, unless he was really bent on the  
> > system's destruction. Likely you'd have at least some evidence of  
> > his behaviour. Of course your email box would fill up quickly.
> >
> > Adam J Richardson
> >
> Tom,
> If you're really all that worried about this, don't give them root  
> access.  You could simply sit at the console with them while they  
> work.  IIRC, they're a contractor, not an employee.  Your presence  
> during such operations wouldn't be abnormal for a contractor.
> Eric Crist

I'm not at all worried; the OP was. I was merely pointing out that most
auditing solutions have issues that can be worked around by a malicious
user; sometimes you just have to trust someone.

Attachment: signature.asc
Description: This is a digitally signed message part

Reply via email to