tags:

views:

89

answers:

1
+1  Q: 

How can I audit all chmod and chgrp commands?

Corporate security policies are starting to require low level event logging. For example, file access permission changes. One solution is to use SELinux but our knowledge of this is sparse at best. Another is to replace the command with a proxy which performs auditing (this sucks though).

Any ideas?

+3  A: 

I think you can look at auditd: http://linux.die.net/man/8/auditd

Also check this thread please: http://www.linuxforums.org/forum/linux-security/109864-auditing-logging-all-commands-arguments.html

FractalizeR  2009-09-17 10:57:55
Thanks for that. I think that'll solve the problem.
Kango_V  2009-09-17 11:00:48
You are welcome ;)
FractalizeR  2009-09-17 12:00:13
+1 nice solution for his problem. Really matches his needs.
bastianneu  2009-09-17 13:04:31

related questions

Can't copy file with appropriate permissions using FileIOPermission
GetProcessesByName() and Windows Server 2003 scheduled task
Starting a process in C# with username & password throws "Access is Denied" exception
How do you set directory permissions in NSIS?
PHP: How to check if a directory is writeable?
Sharepoint Item Level Access & performance
sudo echo "something" >> /etc/privilegedFile doesn't work... is there an alternative?
What is the best way to create a security architecture?
Hierarchical Group Permissions Theory/Resources?
Why is access denied when installing SSL cert on IIS 5?
What databases do I have permissions on
Can an iPhone App Be Run as Root?
SQLite/PHP read-only?
Multiple permission types (roles) stored in database as single decimal
SharePoint Permissions
CakePHP ACL Database Setup: ARO / ACO structure?
LINQ and Database Permissions
What's the best way to implement a SQL script that will grant select, references, insert, update, and delete permissions to a database role on all the user tables in a database?
php scripts writing to non-world-writable files
How do I detect if a function is available during JNLP execution?
Implementing permissions in PHP
Access Control Lists & Access Control Objects, good tutorial?
In Visual Studio you must be a member of Debug Users or Administrators to start debugging. What if you are but it doesn't work?
Where should I put my log file for an asp.net application?
What is the best way to handle multiple permission types?