<OffTopic>Using tools like disc-quota, ulimit, rssh and whatnot is hardly the same thing as looking into users' history files... What's next? Stealing their data from ~/.ssh/id_* files? Or are you guys doing that already?</OffTopic>

Nevem> I'll bet you're one of those people that, even though you didn't buy your work computer with your own money, you still feel it's yours to do with as you see fit. Am I right? How you can possibly associate monitoring with theft is beyond me. That said, this isn't the place to debate such things. If you like, PM me and we can discuss further.

Would it be all right for you if your employer monitored your traffic with your bank, because the computer you use belongs to them?

Nevem -> When you go to work and use work assets, you're there to do a job for them. There's an underlying fallacy to your logic - assuming that anything you do on work assets is personal/private. Perhaps it's different where you work/live, but I can assure you, this is not the case in the States. You forfeit all privacy when logging into a work machine. Period.

Again, if you'd like to discuss this further, feel free to PM me. This is not the place for this sort of banter.

Mods -> feel free to remove irrelevant posts to this topic, including mine.

i see both sides of this issue; however, this is the reason i put masking tape to cover the webcam on my work-at-home laptop:
https://en.wikipedia.org/wiki/Robbin...chool_District

eventhough i do know i'm not supposed to run fedora live-usb on this thing, i do anyways.

(I know someone who has put such a tape on his mobile phone's camera... I thought he was paranoid. Now, I don't think so any more.)

Ok, now THAT is just WRONG. Was an interesting read though and certainly raises some new questions. I'm sure there will be more of this kind of thing to push the envelope in the future.

<Off>Right, forget privacy, have a look at security. Assume an Oracle password got compromised, and a user admits they have used this command:

Someone remembers that there is an automatism that periodically check users' history. Who will be blamed for the potential data-loss?</Off>

You've lost me. How will checking history cause data loss?

We started with the hypothesys that an Oracle userid got compromised. Important data might have been stolen, deleted or changed.
Now someone admits they weren't careful enough; their history did contain the password. They are in trouble all right.
And who else might be in trouble? Yourself, because you created this history-checking system, so you was in the position of finding the password.

Note: history files are valueable sources of information for haxors, too; especially that of root users'

Still doesn't matter. As systems administrators, we're ultimately responsible for the machines - regardless of any scenario you can hypothesize. If for no other reason you were able to determine who was the culprit, any other point is moot. Users shouldn't be doing anything administrative without involving the system owner(s) anyway.

Another point to think about: You said you wanted to monitor user activity to check if they are using git 'right' or 'wrong'. What if they are clever enough to do their git-abusing-evilness programatically (shell script or otherwise). Even your best 'grep git' command won't find the evidence.

Frankly, that doesn't matter either. A decent systems administrator will be able to put things in place that would prevent their own demise, i.e. access control lists, tripwire, fanotify/inotify (as you pointed out), xymon, etc. For this particular case, the users would actually be doing themselves an injustice more than us because, eventually, their actions will lead to them not being able to get their own jobs done. There would be no advantage to their nefariousness as it would eventually get them fired.

While I do see the value in playing devil's advocate you have on the other hand taken this thread so far off topic across so many posts, all without constructively helping the OP achieve his goal and even in the face of his polite request to stop off topic conversation that I think you should, with all due respect, really reconsider if you should continue posting?..

hi unspawn, would you be able to move post #9 and below to a different thread in non-general... then maybe others can join in the fun ?

1 members found this post helpful.