What are reasonable blockers for making journald the default logger in F19?
ajschult at verizon.net
Wed Oct 17 22:20:24 UTC 2012
Simo Sorce wrote:
> All very nice, but the current situation is that this info *is* sent to
> the log.
> So I applaud if you want to go and fix applications, in the meanwhile we
> cannot relax security around that log IMO.
The current situation (from where I'm sitting) is that the private info
is *not* sent to the log because of the gdm chooser design. So what
we have instead is that non-private info is being sent to a
super-private log and (as Lennart pointed out) that information is less
accessible to the admins that might be able to use it.
If you are concerned about people not using the chooser or some other
vector to hit the issue with pam, then fixing pam is a ~1 line patch (if
people can be convinced that the info shouldn't be logged). I can't
imagine too many other applications having this bad behavior (given that
I never see passwords in the logs anymore). I don't know what we
accomplish by protecting AUTHPRIV as a facilitator of applications
logging things that shouldn't be logged.
ajs42 at buffalo.edu