Re: [Sudoscript-devel] new script(1) on Solaris 8

SourceForge Headquarters 1320 Columbia Street Suite 310 San Diego, CA 92101 +1 (858) 422-6466

I realize there's tons of ways to do evade it.  My developers claim that 
they "must have root access on the box" or they can't do development. 
 I'm not in a position to say no, so I'm trying to do as much as I can 
to watch them.  I sympathize with the paper you wrote, in that sometimes 
giving them root access is inevitable.  I figure I'll log it as close I 
can until something goes wrong, and at least I can take that log to them 
and show it to the developers, and hopefully then be able to take away 
root.  

I don't care much about the announcement that it's being logged.  I want 
them to know that.  I don't however want them tobe able to say when they 
screw something up that, "that Script started... thing is what caused me 
to do rm -rf on /."  Don't ask how it relates to anything, but trust me, 
that excuse will be used when something goes wrong.  

Does anybody know of where I can get the new non-BSD'd (if it even 
exists) script command?  On RH7.3 and up, the script command has the -q 
option.  I tried looking for the source but looking for a binary called 
script is quite tedious.  

Again, thanks in advance,
~Matt Valites
Unix Admin.
Banta-IM

Howard Owen wrote:

> I haven't even tried to get the BSD derived Linux source for
> script(1) to compile on Solaris.
>
> I note that you announce that the shell is logged, so I
> assume your concern is that the script(1) announcement tells
> the user exactly where to go to evade the auditing. This
> is annoying, but consider that 'xterm' is another easy way
> to evade the audit trail, among many, many others available
> to a root enabled user.
>
>
> --On Friday, October 25, 2002 11:28:02 AM -0400 Matthew C Valites 
> <mva...@ba...> wrote:
>
>> I have sudoscript set up so that it runs upon login for root.  This is
>> the output after connecting through ssh:
>>
>> root@coltrane: ssh lopes
>> Last login: Fri Oct 25 09:37:32 2002 from john-coltrane.n
>> Sun Microsystems Inc.   SunOS 5.8       Generic Patch   October 2001
>> You have mail.
>> Starting tcsh...
>> All actions are logged...
>> Script started, file is /var/run/sudoscript/ssd.root23324.fifo
>> root@lopes:
>>
>>
>> Unfortunatley, since Solaris 8 has an older version of script, I can't
>> edit sudoscriptd so that it starts script with the -q option of "Be
>> quiet."  I used debian to get the source code for script, but it's quite
>> heavily BSD'd and won't compile on Solaris.  I would like that "Script
>> started..." to not appear.  Does anybody have any suggestions on where I
>> can get a newer script(1) or any other ideas?   Thanks in advance,
>> ~Matt Valites
>> Unix Admin
>> Banta-IM
>>
>>
>>
>> -------------------------------------------------------
>> This sf.net email is sponsored by: Influence the future of Java(TM)
>> technology. Join the Java Community Process(SM) (JCP(SM)) program now.
>> http://ads.sourceforge.net/cgi-bin/redirect.pl?sunm0004en
>> _______________________________________________
>> Sudoscript-devel mailing list
>> Sud...@li...
>> https://lists.sourceforge.net/lists/listinfo/sudoscript-devel
>>
>
>
>
> Howard Owen                    "Even if you are on the right
> EGBOK Consultants               track, you'll get run over if you
> hb...@eg...  +1-650-339-5733  just sit there." - Will Rogers
>
>
> -------------------------------------------------------
> This sf.net email is sponsored by: Influence the future of Java(TM) 
> technology. Join the Java Community Process(SM) (JCP(SM)) program now. 
> http://ads.sourceforge.net/cgi-bin/redirect.pl?sunm0004en
> _______________________________________________
> Sudoscript-devel mailing list
> Sud...@li...
> https://lists.sourceforge.net/lists/listinfo/sudoscript-devel
>
>