On 2008-08-28 13:05, Johan Walles wrote: > It's readable by anybody with physical access to the hardware.
If their have physical access to the hardware, auth.log would be my least worry. > That doesn't mean Debian should *help* root doing that in a default > install. Security by default, anybody? Yes. But I fail to see, that this is not the case here. > I can see a point in logging *valid* usernames. Logging invalid > usernames (which aren't unlikely to actually be passwords) is a > security risk. Sometimes, a user thinks their username is valid, and the system "thinks" it is not. They call the system administrator and with the help of auth.log they can find out what the problem is. > [1] - http://www.finfacts.ie/irishfinancenews/article_1014326.shtml It says "Almost 4,000 Laptops lost or missing in Europe's major airports every week". Let's assume their disks are encrypted, which is very easy using the Debian Installer (since etch, IIRC?). Note: I certainly typed in accidently a password for a login name in the past and would not oppose a patch by you to (optionally!) not log user names. But I fail to see a real problem here. After all, most users make mistakes when it comes to e-mail (e.g. sending confidential information to the wrong person or even a publically archived mailing list etc.) Here I see much more potential for problems than auth.log. -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
