Super user acttivity audit

 
Victor_60
New Member

Re: Super user activity audit

You should use CaclMgr: it comes with the shlog. You can put root account in dual control just in case when direct use of root account is needed, you can still use it provided both information security staff and system admin need be present.

With CaclMgr and shlog, the key strokes will be logged and can later replay back using shlog-replay.

CaclMgr is far more secure than sudo, and its control over environment variables and there value ranges are far better than any other privilege delegation software on UNIX/Linux. Also, the CaclMgr is multi-user friendly, has lot more security features to maintain the security, and can be used by any privilege accounts, such as dba account, to directly grant another account or group to use the account's privilege to execute predefined command.

rl4518
New Member

Re: Super user acttivity audit

I realize this is an older post, but I need to implement this exact senario using sudo and ksh. Does anyone have more information on exactly how to make this happen?

 

Where do I get eksh and how do I configure it and sudo?

 

I appreciate any assistance.

 

-thanks