Archive for the security Category

Sudosh and Rootsh

The reason for sudosh and rootsh is to log all commands run in the root shell. This keeps the security people off your back and makes security audits go smoother. You need to do some sudoers tweaking to make sure root is only used with the rootsh or sudosh wrapper. Rootsh is in most of the repos and is a more active project, but I found sudosh has a better playback. Rootsh also logs to syslog, which I don't think sudosh2 does. Logging to syslog gives you the ability to log remotely which [...]