[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[ale] Write permission

Subject: [ale] Write permission
From: jim.kinney at gmail.com (Jim Kinney)
Date: Wed, 25 May 2016 17:57:09 -0400
In-reply-to: <[email protected]>
References: <CAEo=5PyZu4UCtzO+VZ2-DLuMEtcDwNt49rN9-iuJ3n6jmgj67w@mail.gmail.com> <CAEo=5PyTQ0BiMSrGMGE5CJNTBRVEhXYJKmp1CWKz9May48AiHQ@mail.gmail.com> <CAEo=5PygpKWi++euyS-FfonnRRmXqo2eKfQUegP0h8dpGh0GYQ@mail.gmail.com> <CAEo=5Pxg-ZLbqLOfiTsK=72QbNX9aj3kA=0onh3qu9=kJGourg@mail.gmail.com> <CAEo=5Pyv6PwpvEqgG8uQ59MLcf=LTV-z3=HzbUVK5WyfSBg=FA@mail.gmail.com> <CAEo=5PyEkZ546xqbKrT0wi2Qm6uy+yab5XbKhQRn=_VNmxLhww@mail.gmail.com> <CAEo=5PyrcPc6HVgJo8kZ1=6iq-4-NZ6gCTXH=N1PLx_5kgrDAA@mail.gmail.com> <CAEo=5PysoPnLiy4LzHyogEwtEby53UR9O7bvMBFYoz+kLgpSSg@mail.gmail.com> <CAEo=5PyghTpdu8ZMiXYRMH-nhpwvTSn+YED7rNRgvm9BCTgzPw@mail.gmail.com> <CAEo=5Px+O=_Gguzbhg8x6nfpEvVkHFUSCTu2TWZUhZaMZ9cYiA@mail.gmail.com> <CAEo=5PxAv_zF5=0+UU9G32yWQkb2OBtm-T1M2S9Do4otY9YWog@mail.gmail.com> <CAEo=5PwLZ2gFwrVw-Ho65CFJ1zC4WGyB+5fRfsuyPqZSc3UAKQ@mail.gmail.com> <[email protected]> <[email protected]> <[email protected]> <[email protected]> <[email protected]>

Auditd apparently is a total mystery to the people who want to ENFORCE
SECURITY. They are convinced the REAL SECURITY comes with a very large
price tag and a new process that MUST BE VETTED FOR ACCURACY.

I can't _wait_ to hand them a log file from auditd along with an
explanation of what it means.
On May 25, 2016 5:51 PM, "Vernard Martin" <vernard at gmail.com> wrote:

> On 5/16/2016 6:18 PM, Jim Kinney wrote:
>
>>
>> Happily, this isn't DoD. Just HIPPA. Must strike a balance between
>> absolute security (standalone system with no networking in a room with
>> armed guards will to shoot on site) and usability (woo! Free-for-all and
>> everyone has root - NOT ON MY WATCH!).
>>
>>> Either you need security or you don't.
>>>
>>
>> Need security that prevents accidental relocation and makes deliberate
>> abuse difficult but most importantly, traceable back to the now
>> expelled/fired idiot.
>>
> Auditd can be configured to give you enough info to trace who/what is
> going on. Add sudo logs to that and you can probably track an offender
> quite fast.
>
> Or you can use the crappy EASH package that does all this and is absurdly
> old and not supported by the developer anymore. But it *does* work.
>
> V
>
> _______________________________________________
> Ale mailing list
> Ale at ale.org
> http://mail.ale.org/mailman/listinfo/ale
> See JOBS, ANNOUNCE and SCHOOLS lists at
> http://mail.ale.org/mailman/listinfo
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.ale.org/pipermail/ale/attachments/20160525/f6527133/attachment.html>

References:
- [ale] Write permission
  - From: jim.kinney at gmail.com (Jim Kinney)
- [ale] Write permission
  - From: DJPfulio at jdpfu.com (DJ-Pfulio)
- [ale] Write permission
  - From: jim.kinney at gmail.com (Jim Kinney)
- [ale] Write permission
  - From: DJPfulio at jdpfu.com (DJ-Pfulio)
- [ale] Write permission
  - From: jim.kinney at gmail.com (Jim Kinney)
- [ale] Write permission
  - From: vernard at gmail.com (Vernard Martin)

Prev by Date: [ale] Fwd: [mil-oss] US military uses 8-inch floppy disks to coordinate nuclear force operations
Next by Date: [ale] semi OT: interface
Previous by thread: [ale] Write permission
Next by thread: [ale] Write permission
Index(es):
- Date
- Thread