Security Basics mailing list archives

login session transcript

From: "Jonathan C. Detert" <detertj () msoe edu>
Date: Tue, 28 Sep 2004 09:55:47 -0500

Hello,

I need to give a vendor shell access to a freeBSD system I run,
and worse yet, I need to give them root access.
I want to know everything the vendor does while logged in.

I'm thinking of making the vendor's login shell be

        'script -q -a <somefilename>'

but :

a) i don't want the vendor to be able to delete the logfile

b) it would be nice if the vendor wouldn't know his activity was being
   logged

Does anyone have a better suggestion for me than to use script?
Does anyone have an idea how to address points a) and b) ?

Thanks
-- 
Happy Landings,

Jon Detert
IT Systems Administrator, Milwaukee School of Engineering
1025 N. Broadway, Milwaukee, Wisconsin 53202

Current thread:

login session transcript Jonathan C. Detert (Sep 29)
- RE: login session transcript Alexandre Skyrme (Sep 30)
- Re: login session transcript Zachary Shay (Sep 30)
- Re: login session transcript Fabio Miranda Hamburger (Sep 30)
- Re: login session transcript xyberpix (Sep 30)
- Re: login session transcript Jonathan Loh (Sep 30)
- <Possible follow-ups>
- Re:login session transcript Ghaith Nasrawi (Sep 30)