Date: Mon, 30 Jul 2007 08:11:06 -0500 From: Eric Crist <mnslinky@gmail.com> To: Adam J Richardson <fatman.uk@gmail.com> Cc: Tom Evans <tevans.uk@googlemail.com>, freebsd-questions@freebsd.org, Ian Lord <mailing-lists@msdi.ca> Subject: Re: Root access loggin Message-ID: <AE852C96-F0CB-4737-BA3E-428E2AFA88BD@gmail.com> In-Reply-To: <46ADDAC2.3010404@crackmonkey.us> References: <050b01c7ce16$960a0570$6400a8c0@msdi.local> <1185794014.1444.7.camel@localhost> <46ADDAC2.3010404@crackmonkey.us>
next in thread | previous in thread | raw e-mail | index | archive | help
On Jul 30, 2007, at 7:34 AMJul 30, 2007, Adam J Richardson wrote: > Tom Evans wrote: >> This seems great in principle, but of course, you just gave them a >> root >> shell, and so they can delete their log file easily enough... > > You could have cron email it to you every 5 minutes. Unlikely he'd > check the crontab immediately, unless he was really bent on the > system's destruction. Likely you'd have at least some evidence of > his behaviour. Of course your email box would fill up quickly. > > Adam J Richardson > Tom, If you're really all that worried about this, don't give them root access. You could simply sit at the console with them while they work. IIRC, they're a contractor, not an employee. Your presence during such operations wouldn't be abnormal for a contractor. HTH Eric Crist
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?AE852C96-F0CB-4737-BA3E-428E2AFA88BD>