Mats Erik Andersson <g...@gisladisker.se> writes:

> Hello again,
>
> let me suggest changes to the way shishid(8)
> is submitting messages to LOG_DAEMON. A patch
> suggestion is addressing these matters.
>
> Contrary to the claim in "src/kdc.c", shishid(8) is
> committing non-error messages "Trying AS-REQ"
> and "Trying TGS-REQ" in facility LOG_ERR.
> Change these to use LOG_DEBUG.
These messages are rather useless, even on debug level. I have removed
them completely.

> The mandatory use of LOG_PERROR in "src/shishid.c"
> is a mistake. It is better to condition use of
> LOG_PERROR in openlog() on the test
>
> if (arg.verbose_given > 0)

Agreed, applied.

> There is a further delicate issue with two LOG_INFO
> messages in "src/kdc.c":
>
> "AS-REQ from %s@%s for %s@%s"
> "TGS-REQ from %s@%s for %s@%s"
>
> I suggest downgrading to LOG_DEBUG and also to issue
> them only if "arg.verbose_given > 0". However, both
> messages present a security issue since they disclose
> user information. Hence they should arguably only be sent
> to LOG_AUTH, if committed at all, instead of just calling
> printf() for the running executable shishid(8).

I believe these are important for knowing when someone got a ticket, so
they should definitely be in the syslog. If we are changing this one to
LOG_AUTH, many other messages should also be moved, since they also print
user information.

However, I wonder what MIT/Heimdal does, or what other servers do, like
sshd? I think having user information in /var/log/syslog is fairly
common, but I may be mistaken. On systems I'm familiar with, reading the
syslog requires the same privileges as reading the authlog so for
security I don't think it matters much.

/Simon

_______________________________________________
Help-shishi mailing list
Help-shishi@gnu.org
https://lists.gnu.org/mailman/listinfo/help-shishi
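The three choices discussed in the thread (LOG_PERROR only when verbose, trace messages at LOG_DEBUG and only when verbose, the ticket audit line kept in syslog) can be handled in one small wrapper. This is an added example, not shishid's code; the message classes and the `sink` capture buffer are hypothetical. It also shows that a single syslog(3) call can carry its own facility (`LOG_AUTH | LOG_INFO`), so the audit record can go to the auth log without moving every other message off LOG_DAEMON.

```c
#include <stdarg.h>
#include <stdio.h>
#include <string.h>
#include <syslog.h>

/* Hypothetical message classes for a KDC daemon (constructed for this example). */
enum kdc_msg {
  KDC_TRACE,         /* "Trying AS-REQ": noise, only wanted while debugging */
  KDC_TICKET_ISSUED, /* "AS-REQ from %s@%s for %s@%s": the audit record     */
  KDC_ERROR          /* request decoding failures and similar               */
};

/* openlog() as agreed in the thread: mirror to stderr only in verbose mode. */
void kdc_openlog(int verbose_given)
{
  openlog("shishid", LOG_PID | (verbose_given > 0 ? LOG_PERROR : 0), LOG_DAEMON);
}

/* Priority (facility | level) for a message class, or -1 to drop it.
 * A facility given here overrides the LOG_DAEMON default from openlog(),
 * so only the audit line is routed to LOG_AUTH. */
int kdc_log_priority(enum kdc_msg kind, int verbose_given)
{
  switch (kind) {
  case KDC_TRACE:         return verbose_given > 0 ? LOG_DEBUG : -1;
  case KDC_TICKET_ISSUED: return LOG_AUTH | LOG_INFO;
  case KDC_ERROR:         return LOG_ERR;
  }
  return -1;
}

/* Format and log one message; returns the priority used or -1 if suppressed.
 * When `sink` is non-NULL the line is copied there instead of sent to syslog,
 * which lets the routing be unit-tested without a running syslogd. */
int kdc_log(enum kdc_msg kind, int verbose_given, char *sink, size_t sinklen,
            const char *fmt, ...)
{
  char buf[256];
  va_list ap;
  int prio = kdc_log_priority(kind, verbose_given);
  if (prio < 0)
    return -1;
  va_start(ap, fmt);
  vsnprintf(buf, sizeof buf, fmt, ap);
  va_end(ap);
  if (sink)
    snprintf(sink, sinklen, "%s", buf);
  else
    syslog(prio, "%s", buf);   /* "%s" keeps user-controlled text out of the format */
  return prio;
}
```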