1 |
On Sunday 15 November 2009 10:52:51 Neil Bothwick wrote: |
2 |
> On Sun, 15 Nov 2009 05:15:43 +0000, Stroller wrote: |
3 |
> > > So when he fucks things up good royal and proper, will he gladly |
4 |
> > > accept his |
5 |
> > > shafting and pay you more to undo it? Or will he do the usual |
6 |
> > > customer stunt |
7 |
> > > and blame you? |
8 |
> > |
9 |
> > My typical experience is that the customer will take it completely on |
10 |
> > the chin and pay me to fix the problems. That doesn't make foul-ups |
11 |
> > due to such unnecessary meddling any less frustrating, though. |
12 |
> |
13 |
> Why not use sudo to give the customer's account almost full root access? |
14 |
> Not only does this allow you to restrict which damaging commands he can |
15 |
> run but sudo logs each command it runs, so you have CYA insurance. |
16 |
|
17 |
Double CYA insurance: |
18 |
|
19 |
Send all logs to a remote syslog server. The user with sudo permissions can |
20 |
still disable logging, but you have untouchable evidence that he did :-) |
21 |
|
22 |
|
23 |
-- |
24 |
alan dot mckinnon at gmail dot com |