Login or Register to Ask a Question and Join Our Community

Sponsored Content
Full Discussion: sudo & Sox compliance
Top Forums UNIX for Advanced & Expert Users sudo & Sox compliance Post 302117843 by jim mcnamara on Wednesday 16th of May 2007 05:13:54 PM
Old 05-16-2007
Short answer: your current security as explained is a violation of Sarbanes-Oxley. Furthermore, if you are publicly traded, you're going to look bad in any sox-compliance audit. Get security help.

Test for publicly traded companies including their contractors, vendors or anyone with system access:
If su or sudo lets somebody, like programmers or accountants or data entry clerks or even the company president, have direct unaudited access to any file or data transmission used for input to or generated by AR, AP... any accounting/financial reporting, then it won't fly.

HIPPA - if sudo lets any non-HR person in my business (or doing work for my business as a consultant, contractor, etc.) lookup somebody else's private records without their prior authorization, then I am not in compliance. That is the test you apply. Private records = medical records, drug test records, insurance information, direct deposit information, etc.


Just get security help. Obviously, your boss does not listen to you. He will be forced to listen when it dings his department's budget. That's how it works in small companies - consultants get listened to.
 

7 More Discussions You Might Find Interesting

1. UNIX for Dummies Questions & Answers

Parsing Powerbroker Logs for SysAdmin Changes (SOX)

I need to identify a list of AIX command strings that can be used to parse Powerbroker logs for changes that are being made by Unix SysAdmins. Need to filter out (as much as possible) inquiry or routine maintenance activity and concentrate on software/security changes. This is for internal... (1 Reply)
Discussion started by: bcouchtx
1 Replies

2. Solaris

Difference between sudo & RBAC

Hello Everybody I would like to know any major difference between sudo & RBAC as I am bit familiar with RBAC but not with sudo (2 Replies)
Discussion started by: girish.batra
2 Replies

3. Solaris

sudo for solaris 8 & 9

Dear ALL please can anyone tell me from where can i install sudo for solaris 8 & 9 and how i can install it in the solaris server . (1 Reply)
Discussion started by: thecobra151
1 Replies

4. UNIX for Advanced & Expert Users

sudo & chdev

I have an error when using chdev with sudo as follows; sudo chdev -l rmt0 -a block_size=512 chdev: 0514-518 Cannot access the CuDv object class in the device configuration database. I've added chdev in sudoers but still get the error, I guess it's something to do with CuDv... (3 Replies)
Discussion started by: gefa
3 Replies

5. Solaris

Sudo Privileges & Sudoers Group

I'm looking for some suggestions to accomplish what a specific user needs, without adding them to the "sudoers" group. I have X user, that is requesting to be able to change file permissions on items owned by others and search directories where X user doesn't have access. I'm open to any... (2 Replies)
Discussion started by: Nvizn
2 Replies

6. Shell Programming and Scripting

Ssh & sudo

when the following command is issued the command prompt is received, how do I get past this? ssh -t usera@hosta sudo su - userb -c id (4 Replies)
Discussion started by: squrcles
4 Replies

7. Shell Programming and Scripting

Remoting sudo commands & bypassing bashrc

What I want to do is not unique, except that our environment has a twist. I want to ssh to a remote server and issue a sudo command to run a script. This isn't working, but you'll get the gist.# ssh remotehost sudo -i -u oracle script.bashThe sudo to oracle is fine. The script.bash sets up the... (4 Replies)
Discussion started by: JustaDude
4 Replies

LEARN ABOUT SUSE

aulast

AULAST:(8)						  System Administration Utilities						AULAST:(8)

NAME

       aulast - a program similar to last

SYNOPSIS

       aulast [ options ] [ user ] [ tty ]

DESCRIPTION

       aulast  is  a  program  that prints out a listing of the last logged in users similarly to the program last and lastb. Aulast searches back
       through the audit logs or the given audit log file and displays a list of all users logged in (and out) based on the range of time  in  the
       audit  logs. Names of users and tty's can be given, in which case aulast will show only those entries matching the arguments. Names of ttys
       can be abbreviated, thus aulast 0 is the same as last tty0.

       The pseudo user reboot logs in each time the system is rebooted. Thus last reboot will show a log of all reboots since  the  log  file  was
       created.

       The  main  difference  that  a user will notice is that aulast print events from oldest to newest, while last prints records from newest to
       oldest. Also, the audit system is not notified each time a tty or pty is allocated, so you may not see quite  as  many  records	indicating
       users and their tty's.

OPTIONS

       --bad  Report on the bad logins.

       --extract
	      Write raw audit records used to create the displayed report into a file aulast.log in the current working directory.

       -f file
	      Use the file instead of the audit logs for input.

       --proof
	      Print out the audit event serial numbers used to determine the preceeding line of the report. A Serial number of 0 is a place holder
	      and not an actual event serial number. The serial numbers can be used to examine the actual audit records in more  detail.  Also	an
	      ausearch query is printed that will let you find the audit records associated with that session.

       --stdin
	      Take audit records from stdin.

EXAMPLES

       To see this month's logins
       ausearch --start this-month --raw | aulast --stdin

SEE ALSO

       last(1), lastb(1), ausearch(8), aureport(8).

AUTHOR

       Steve Grubb

Red Hat 							     Nov 2008								AULAST:(8)
All times are GMT -4. The time now is 03:15 PM.
Unix & Linux Forums Content Copyright 1993-2022. All Rights Reserved.
Privacy Policy