From owner-freebsd-arch@FreeBSD.ORG  Sat May  1 23:58:47 2010
Return-Path: <owner-freebsd-arch@FreeBSD.ORG>
Delivered-To: freebsd-arch@FreeBSD.org
Received: from mx1.freebsd.org (mx1.freebsd.org [69.147.83.52])
	by hub.freebsd.org (Postfix) with ESMTP id 898C31065675
	for <freebsd-arch@FreeBSD.org>; Sat,  1 May 2010 23:58:47 +0000 (UTC)
	(envelope-from ed@hoeg.nl)
Received: from mx0.hoeg.nl (mx0.hoeg.nl [178.63.0.170])
	by mx1.freebsd.org (Postfix) with ESMTP id 4681D8FC0A
	for <freebsd-arch@FreeBSD.org>; Sat,  1 May 2010 23:58:46 +0000 (UTC)
Received: by mx0.hoeg.nl (Postfix, from userid 1000)
	id 3FB4B2A28D04; Sun,  2 May 2010 01:58:46 +0200 (CEST)
Date: Sun, 2 May 2010 01:58:46 +0200
From: Ed Schouten <ed@80386.nl>
To: Peter Jeremy <peterjeremy@acm.org>
Message-ID: <20100501235846.GU56080@hoeg.nl>
References: <20100501124544.GR56080@hoeg.nl> <20100501211250.00007a1c@unknown>
	<20100501203244.GT56080@hoeg.nl>
	<20100501205625.GB36980@server.vk2pj.dyndns.org>
MIME-Version: 1.0
Content-Type: multipart/signed; micalg=pgp-sha1;
	protocol="application/pgp-signature"; boundary="SpiXHX+fVORj1nzn"
Content-Disposition: inline
In-Reply-To: <20100501205625.GB36980@server.vk2pj.dyndns.org>
User-Agent: Mutt/1.5.20 (2009-06-14)
Cc: Alexander Leidinger <Alexander@Leidinger.net>, freebsd-arch@FreeBSD.org
Subject: Re: [Extension] utmpx and LOGIN_FAILURE
X-BeenThere: freebsd-arch@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: Discussion related to FreeBSD architecture <freebsd-arch.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-arch>,
	<mailto:freebsd-arch-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-arch>
List-Post: <mailto:freebsd-arch@freebsd.org>
List-Help: <mailto:freebsd-arch-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-arch>,
	<mailto:freebsd-arch-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Sat, 01 May 2010 23:58:47 -0000


--SpiXHX+fVORj1nzn
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable

* Peter Jeremy <peterjeremy@acm.org> wrote:
> On 2010-May-01 22:32:44 +0200, Ed Schouten <ed@80386.nl> wrote:
> >* Alexander Leidinger <Alexander@Leidinger.net> wrote:
> >> Does this default to on or off or is this always on? If the later: some
> >> kind of a switch (no matter what the default is) would be highly
> >> desired.
> >
> >What about adding a switch to last(1) to (un)hide the entries?
>=20
> That doesn't cover the DoS potential of logging this data in the
> firstplace.

So how is this covered right now? As far as I know, all of our existing
login services write messages to /var/log/*.

--=20
 Ed Schouten <ed@80386.nl>
 WWW: http://80386.nl/

--SpiXHX+fVORj1nzn
Content-Type: application/pgp-signature
Content-Disposition: inline

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.14 (FreeBSD)

iEYEARECAAYFAkvcwDYACgkQ52SDGA2eCwUUPgCfZYsuRiXSdFvIBzyiZXhuwpg6
tLgAniZkPaS9y+yknAiiwl3JtB5mVs6d
=WM6O
-----END PGP SIGNATURE-----

--SpiXHX+fVORj1nzn--