On Sat, Jan 07, 2012 at 05:50:06PM +0000, Connor Lane Smith wrote: > So long as you have the input state for those commands -- the files > themselves -- why must we log the output for each and every command?
Error correction. > If we know the state of the directory, why log invocations of `ls`? ls could have been highjacked by malicious elements. I want to know if he called it with a full path or relied on his $PATH. The same objection applies to sort. > If we maintain complete version history, > such logs are nothing but a waste of space: Or they're a pretty comprehensive auditing tool. > we may as well just open a > shell viewing the system as it was that day, and `sort` afresh. I'm ok with this plan too, for other reasons, but I would prefer a completely auditable system.
