Abuse of system privileges
If you have reason to believe a person with root-level
authorizations is abusing their privileges, you should enable
auditing for that user to determine if they are performing
questionable actions. If the user has the root
password or the su authorization, event
``L. (Admin/Operator Actions)'' will show the actions done that
require high-level authorization.
Next topic:
Unsupervised physical access to the computer
Previous topic:
Stolen passwords
© 2005 The SCO Group, Inc. All rights reserved.
SCO OpenServer Release 6.0.0 -- 03 June 2005