Evergreens

Mark Smith's Journal

Work related musings of a geek.

(Reply)

09.05.2010 07:07 pm (UTC)

(no subject)

damned_colonial: Convicts in Sydney, being spoken to by a guard/soldier (Default)
Posted by [personal profile] damned_colonial
We were talking about something vaguely similar the other week at work, and we decided to trigger an email whenever someone did something with their elevated privs, so that it would be more visible to those who needed to know about it and the person doing it would be accountable.

Thinking along those lines, could you send a notification to the user, as well as logging, when someone with privs views a protected entry? The text of the message could include something like, "This is most likely in relation to a support request you raised" or whatever is necessary to explain why it's happening and reassure the user. It feels, to me, a bit like the email you get that says "Someone, possibly you, has requested a password change."
From:
Anonymous( )Anonymous This account has disabled anonymous posting.
OpenID( )OpenID You can comment on this post while signed in with an account from many other sites, once you have confirmed your email address. Sign in using OpenID.
User
Account name:
Password:
If you don't have an account you can create one now.
Subject:
HTML doesn't work in the subject.

Message:

 
Notice: This account is set to log the IP addresses of everyone who comments.
Links will be displayed as unclickable URLs to help prevent spam.