RE: login session transcript

From: Alexandre Skyrme (alexandre.skyrme_at_ciphersec.com.br)
Date: 09/29/04

    To: <security-basics@securityfocus.com>
    Date: Wed, 29 Sep 2004 14:43:33 -0300
    
    

    Greetings Jonathan,

    Your best bet would probably be to use SUDO instead of giving the vendor
    direct access to the root account. Using SUDO you'll not only be able to
    restrict the vendor's privileges but also generate an audit trail of his
    actions. Besides, it would require the vendor to specify exactly what
    privileges he would effectively need.

    Altering the user's shell or similar controls could be easily detected and
    circumvented by the vendor, in case he desired to do so. You must rely on
    mechanisms which cannot be compromised by using the privileged root account.
    Even a trusted sitter (auditor) beside the vendor would probably be more
    adequate.

    In case you'd rather stick with your solution, one tool that might help you
    is ttyrec (http://namazu.org/~satoru/ttyrec).

    Regards,

    --
    Alexandre Skyrme
    Cipher - Segurança da Informação
    +55-21-2529-2629
    www.ciphersec.com.br
     
    -----Original Message-----
    From: Jonathan C. Detert [mailto:detertj@msoe.edu] 
    Sent: Tuesday, September 28, 2004 11:56
    To: security-basics@securityfocus.com
    Subject: login session transcript
    Hello,
    I need to give a vendor shell access to a FreeBSD system I run, and worse
    yet, I need to give them root access. I want to know everything the vendor
    does while logged in.
    I'm thinking of making the vendor's login shell be
            'script -q -a <somefilename>'
    but:
    a) I don't want the vendor to be able to delete the logfile
    b) it would be nice if the vendor wouldn't know his activity was being
       logged
    Does anyone have a better suggestion for me than to use script? Does anyone
    have an idea how to address points a) and b) ?
    Thanks
    -- 
    Happy Landings,
    Jon Detert
    IT Systems Administrator, Milwaukee School of Engineering
    1025 N. Broadway, Milwaukee, Wisconsin 53202
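
An added example, not part of the original thread: one way to review the audit trail that sudo writes to syslog, flagging denied attempts and commands outside the list agreed with the vendor. The log lines, host, account name and approved list are constructed, and the record layout assumes sudo's default syslog format.

```python
import re

# Constructed sample of sudo syslog records (host, users and commands are made up).
SAMPLE_LOG = """\
Sep 29 14:43:33 bsd1 sudo:   vendor : TTY=ttyp0 ; PWD=/home/vendor ; USER=root ; COMMAND=/usr/bin/tail -F /var/log/vendorapp.log
Sep 29 14:45:02 bsd1 sudo:   vendor : command not allowed ; TTY=ttyp0 ; PWD=/home/vendor ; USER=root ; COMMAND=/bin/sh
Sep 29 14:47:10 bsd1 sudo:   vendor : TTY=ttyp0 ; PWD=/tmp ; USER=root ; COMMAND=/usr/bin/vi /usr/local/etc/vendorapp.conf
Sep 29 14:50:41 bsd1 sudo:    admin : TTY=ttyp1 ; PWD=/root ; USER=root ; COMMAND=/sbin/reboot
"""

# Assumption: the commands the vendor stated he needs, agreed in advance.
APPROVED = {"/usr/bin/tail", "/usr/local/etc/rc.d/vendorapp"}
# Programs that can hand out a shell even when started through sudo.
SHELL_CAPABLE = {"/bin/sh", "/bin/csh", "/usr/bin/vi", "/usr/bin/less", "/usr/bin/more"}

# user : [error ; ] TTY=... ; PWD=... ; USER=... ; COMMAND=...
RECORD = re.compile(
    r"sudo:\s+(?P<user>\S+) : (?:(?P<error>[^;=]+) ; )?"
    r"TTY=(?P<tty>\S+) ; PWD=(?P<pwd>.*?) ; USER=(?P<runas>\S+) ; COMMAND=(?P<cmd>.*)$"
)

def review(log_text, account="vendor"):
    """Return (timestamp, verdict, command) for each sudo record of `account`."""
    findings = []
    for line in log_text.splitlines():
        m = RECORD.search(line)
        if not m or m["user"] != account:
            continue
        binary = m["cmd"].split()[0]
        if m["error"]:
            # sudo refused the request; the attempt itself is worth a look.
            verdict = "DENIED: " + m["error"].strip()
        elif binary in SHELL_CAPABLE:
            verdict = "REVIEW: can spawn a shell"
        elif binary not in APPROVED:
            verdict = "REVIEW: outside approved list"
        else:
            verdict = "ok"
        findings.append((line[:15], verdict, m["cmd"]))
    return findings

if __name__ == "__main__":
    for stamp, verdict, cmd in review(SAMPLE_LOG):
        print(f"{stamp}  {verdict:32}  {cmd}")
```

The review is only as trustworthy as the log it reads, so run it against a copy forwarded to a separate log host rather than the file on the machine the vendor works on.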
    
