Richard Troth wrote:
In at least one shop where I have worked, we tracked keystrokes within
the 'su' subshell. There is painfully much traffic in that model.
More recently, in my current job, we take advantage of the shell
history, which you noted. What we do is set a different BASH history
file for each 'su' user. Say I am "rick" and I 'sudo su -' to get a
root shell. My commands are then logged in
/root/.histfiles/rick.history or some such. One can determine the
And if rick does this?
rm -f /root/.histfiles/rick.history
Do you "chattr +a /root/.histfiles/rick.history" so that history (of
sorts) is preserved if Rick runs several shells at once (maybe in
screen, maybe by invoking the shell more than once)?
Trusting Rick to try to do the right thing is necessary, within limits.
Trusting he has no bad intent isn't necessary.
--
Cheers
John
-- spambait
[email protected] [email protected]
-- Advice
http://webfoot.com/advice/email.top.php
http://www.catb.org/~esr/faqs/smart-questions.html
http://support.microsoft.com/kb/555375
You cannot reply off-list:-)
----------------------------------------------------------------------
For LINUX-390 subscribe / signoff / archive access instructions,
send email to [email protected] with the message: INFO LINUX-390 or visit
http://www.marist.edu/htbin/wlvindex?LINUX-390
