| 1 |
On Sunday 15 November 2009 10:52:51 Neil Bothwick wrote: |
| 2 |
> On Sun, 15 Nov 2009 05:15:43 +0000, Stroller wrote: |
| 3 |
> > > So when he fucks things up good royal and proper, will he gladly |
| 4 |
> > > accept his |
| 5 |
> > > shafting and pay you more to undo it? Or will he do the usual |
| 6 |
> > > customer stunt |
| 7 |
> > > and blame you? |
| 8 |
> > |
| 9 |
> > My typical experience is that the customer will take it completely on |
| 10 |
> > the chin and pay me to fix the problems. That doesn't make foul-ups |
| 11 |
> > due to such unnecessary meddling any less frustrating, though. |
| 12 |
> |
| 13 |
> Why not use sudo to give the customer's account almost full root access? |
| 14 |
> Not only does this allow you to restrict which damaging commands he can |
| 15 |
> run but sudo logs each command it runs, so you have CYA insurance. |
| 16 |
|
| 17 |
Double CYA insurance: |
| 18 |
|
| 19 |
Send all logs to a remote syslog server. The user with sudo permissions can |
| 20 |
still disable logging, but you have untouchable evidence that he did :-) |
| 21 |
|
| 22 |
|
| 23 |
-- |
| 24 |
alan dot mckinnon at gmail dot com |
Archives