What are reasonable blockers for making journald the default logger in F19?
mattdm at fedoraproject.org
Wed Oct 17 19:26:25 UTC 2012
On Wed, Oct 17, 2012 at 03:07:19PM -0400, Andrew Schultz wrote:
> and if you log all attempts to login, then they'll end up in the
> logs. I'd suggest that not logging unknown users by default is a
> much better solution than having a special log; no admin wants to
> see passwords (even if they're root) and unknown usernames (either
> typos or passwords) are rarely helpful.
I don't think that's true. "You're typing the wrong username" happened to me
on multiple occasions when I was doing that kind of support.
Additionally, it maybe useful to log this information for intrusion
detection and correlation.
And, in general, authpriv exists as a mechanism for logging any sort of
potentially private data. It would be a security regression to ignore that.
Matthew Miller ☁☁☁ Fedora Cloud Architect ☁☁☁ <mattdm at fedoraproject.org>
More information about the devel