Super user acttivity audit

Victor_60 · ‎05-29-2013

You should use CaclMgr: it comes with the shlog. You can put root account in dual control just in case when direct use of root account is needed, you can still use it provided both information security staff and system admin need be present.

With CaclMgr and shlog, the key strokes will be logged and can later replay back using shlog-replay.

CaclMgr is far more secure than sudo, and its control over environment variables and there value ranges are far better than any other privilege delegation software on UNIX/Linux. Also, the CaclMgr is multi-user friendly, has lot more security features to maintain the security, and can be used by any privilege accounts, such as dba account, to directly grant another account or group to use the account's privilege to execute predefined command.

rl4518 · ‎02-12-2014

I realize this is an older post, but I need to implement this exact senario using sudo and ksh. Does anyone have more information on exactly how to make this happen?

Where do I get eksh and how do I configure it and sudo?

I appreciate any assistance.

-thanks

Categories

Company

Local Language

Forums

Discussions

Forums

Discussions

Discussions

Forums

Discussions

Forums

Discussions

Forums

Forums

Discussions

Forums

Discussions

Forums

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Community

Resources

Other HPE Sites

Discussions

Forums

Blogs

Super user acttivity audit

Re: Super user activity audit

Re: Super user acttivity audit