Subject: is skeyaudit(1) security-related?
To: None <firstname.lastname@example.org, email@example.com>
From: Hubert Feyrer <firstname.lastname@example.org>
Date: 03/07/2001 21:20:54
skeyaudit(1) checks if a user is running out of skey keys, and sends him a
warning mail if so.
What I'm wondering now is if this should be regarded as a security-related
action, or as a "normal" administrative one. Accordingly, should skeyaudit
be run from /etc/daily, or from /etc/security. The latter bears the risk
that the users don't get warned if an admin turns off running
/etc/security (by putting run_security=no into daily.conf), and I think
moving skeyaudit from /etc/security to /etc/daily is TRT.
Comments on this subject?
P.S.: Assorted PR is 12267 (we currently allow running skeyaudit from both
/etc/daily and /etc/security, which does not make much sense.
Hubert Feyrer <email@example.com>