- Community Home
- >
- Servers and Operating Systems
- >
- Operating Systems
- >
- Operating System - HP-UX
- >
- Super user acttivity audit
Categories
Company
Local Language
Forums
Discussions
Forums
- Data Protection and Retention
- Entry Storage Systems
- Legacy
- Midrange and Enterprise Storage
- Storage Networking
- HPE Nimble Storage
Discussions
Discussions
Discussions
Forums
Discussions
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
- BladeSystem Infrastructure and Application Solutions
- Appliance Servers
- Alpha Servers
- BackOffice Products
- Internet Products
- HPE 9000 and HPE e3000 Servers
- Networking
- Netservers
- Secure OS Software for Linux
- Server Management (Insight Manager 7)
- Windows Server 2003
- Operating System - Tru64 Unix
- ProLiant Deployment and Provisioning
- Linux-Based Community / Regional
- Microsoft System Center Integration
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Community
Resources
Forums
Blogs
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Printer Friendly Page
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
05-29-2013 08:07 PM - edited 05-29-2013 08:12 PM
05-29-2013 08:07 PM - edited 05-29-2013 08:12 PM
Re: Super user activity audit
You should use CaclMgr: it comes with the shlog. You can put root account in dual control just in case when direct use of root account is needed, you can still use it provided both information security staff and system admin need be present.
With CaclMgr and shlog, the key strokes will be logged and can later replay back using shlog-replay.
CaclMgr is far more secure than sudo, and its control over environment variables and there value ranges are far better than any other privilege delegation software on UNIX/Linux. Also, the CaclMgr is multi-user friendly, has lot more security features to maintain the security, and can be used by any privilege accounts, such as dba account, to directly grant another account or group to use the account's privilege to execute predefined command.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
02-12-2014 01:44 PM
02-12-2014 01:44 PM
Re: Super user acttivity audit
I realize this is an older post, but I need to implement this exact senario using sudo and ksh. Does anyone have more information on exactly how to make this happen?
Where do I get eksh and how do I configure it and sudo?
I appreciate any assistance.
-thanks
- « Previous
-
- 1
- 2
- Next »