[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: support using pam_audit.so in "account" stack



On Tue, Feb 22, 2005 at 04:25:35PM +1100, Leigh Purdie wrote:
> I'd also recommend including logout information - regardless of the fact
> that non-interactive access may still continue (eg:
> nohup /path/to/blah), it is pretty important for some organisations to
> be able to determine a users interactive login and logout times.

Don't misunderstand me - I'm not opposed to logout information and agree
that it can be helpful, but it's not required for CAPP compliance and is
misleading information if the users get moderately creative.

For some applications such as vsftpd the application code would need to
be changed to get a logout record - it pretty much requires that there is
a privileged process that monitors the session, and not all services are
structured that way

-Klaus


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]