On 2015-06-21 09:14, Basil Chupin wrote:
But you know what they asked for is not really a fantasy but a legitimate request for security of data.
Yes, absolutely. The operating system is what it is, but at the application you can do whatever you like - or rather, what you have money to pay the programmers to do :-) I have worked with a complex machine (5ESS), based on Unix, on which all access was done via a user interface with lots of security measures (optionally activated). Like defining teams that could do lists of commands (and not others), and of course record who did what, all the time. Double authorization I didn't see, but it might be done. Just /ask/ the supplier to design it... But one of the commands was "get to the Unix terminal", and then I was root... just imagine. My point is that you can overlay a user interface over the operating system, on which you can indeed do anything you can imagine. I suppose that on banks, the programs that the employers use might have these type of things. The clerk doing an operation, which has to be checked and accepted by his boss. This can be better ensured because the interface runs remotely. But the database administrator could fake entries, and the administrator of the machine(s) could destroy the entire database... Which makes me suppose that they distribute the databases. -- Cheers / Saludos, Carlos E. R. (from 13.1 x86_64 "Bottle" at Telcontar)