On 12/07/2012 03:23 AM, Fleuriot Damien wrote:
- audit trails cannot be tampered (chflags sappend)
Another way to achieve this is to send the logging output to a another log collection machine or appliance (think "Arcsite") to which even the root users under consideration do not have access. That is, implement a separation of powers scheme where no one organization has complete control of the entire monitoring workflow. -- ---------------------------------------------------------------------------- Tim Daneliuk [email protected] PGP Key: http://www.tundraware.com/PGP/ _______________________________________________ [email protected] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[email protected]"
