More PATH fallout. Who decided this was a good idea?
Ewan Mac Mahon
ewan at macmahon.me.uk
Sun Dec 7 02:53:21 UTC 2008
On Sat, Dec 06, 2008 at 01:35:26PM -0500, Steve Grubb wrote:
> On Saturday 06 December 2008 13:28:44 Callum Lerwick wrote:
>
> > If you're not auditing at a lower level than executing /bin/usermod, you
> > are DOING IT WRONG period.
>
> That is being audited at a lower level, too.
>
So why would you need to worry about usermod et al having the ability to
log audit messages about their use, when any 'real' use of them (as in,
anything that actually tried to touch the databases) would presumably be
logged by the same lower levels that would catch someone using another
tool?
Ewan
More information about the fedora-devel-list
mailing list