|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
From: Darren Moffat (Darren.Moffat
ENG.SUN.COM)Date: Mon Apr 02 2001 - 17:51:53 CDT
>`sudo -u oracle $COMMAND` is probably a better solution. Once a user does
>`sudo su - oracle` you lose accountability; you will only have a record of
>the sudo su and the su itself. Do they really need a shell as the oracle
>user?
If you use BSM auditing you do NOT lose accountability since neither of
sudo or su change the audit id.
-- Darren J Moffat
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]