touchy subject -> sniffit
der.hans
PLUGd@LuftHans.com
Wed, 26 Jul 2000 00:18:32 -0700 (MST)
Am 24. Jul, 2000 schwäzte Mike Starke so:
> I know this is a touchy subject for some of you, but I am
> the sysadmin, and have been asked to provide some info about
> a user.
Doesn't mean you have to do it, e.g. that isn't a valid excuse if it's an
illegal act[1]. I'm not trying to say what you're asking about it illegal,
just making sure people remember we have the right to refuse orders (or
minimally bring the issue up at a higher level and demand legal
scrutiny).
> I don't want to begin a long drawn out discussion 'bout privacy,
> I'm all for it. But I do have a boss, and need to give what he asks
> for, yet I feel dumbfounded in how.
You probably want to make sure that your company has a written policy
allowing it and if it's a big company I'd want to run it by legal before
the sniffed data is made available to anyone[2].
ciao,
der.hans
[1] This might not be company policy, but in many cases company policy
also doesn't involve them providing legal support for you if there's
something wrong with your actions, even if under orders from your
manager. If, however, legal cleared the action, then you should have a
pretty good case in your favor. Remember to get their OK in
writing. That's how they'd demand yours if the situation were reversed.
[2] Much of this opinion is based on discussion on the SAGE mailing list
as well as reading, but not proper research and definitely not from
experience, so take it with with a few grains of salt and maybe some
garlic, cheese and onions as well :).
--
# der.hans@LuftHans.com home.pages.de/~lufthans/ www.Opnix.com
# If you're not learning, you're not living. - der.hans