Date: Sat, 01 May 2010 21:50:23 -0600 (MDT) From: "M. Warner Losh" <imp@bsdimp.com> To: ed@80386.nl Cc: Alexander@Leidinger.net, freebsd-arch@freebsd.org Subject: Re: [Extension] utmpx and LOGIN_FAILURE Message-ID: <20100501.215023.353672579433532204.imp@bsdimp.com> In-Reply-To: <20100501235846.GU56080@hoeg.nl> References: <20100501203244.GT56080@hoeg.nl> <20100501205625.GB36980@server.vk2pj.dyndns.org> <20100501235846.GU56080@hoeg.nl>
next in thread | previous in thread | raw e-mail | index | archive | help
In message: <20100501235846.GU56080@hoeg.nl> Ed Schouten <ed@80386.nl> writes: : * Peter Jeremy <peterjeremy@acm.org> wrote: : > On 2010-May-01 22:32:44 +0200, Ed Schouten <ed@80386.nl> wrote: : > >* Alexander Leidinger <Alexander@Leidinger.net> wrote: : > >> Does this default to on or off or is this always on? If the later: some : > >> kind of a switch (no matter what the default is) would be highly : > >> desired. : > > : > >What about adding a switch to last(1) to (un)hide the entries? : > : > That doesn't cover the DoS potential of logging this data in the : > firstplace. : : So how is this covered right now? As far as I know, all of our existing : login services write messages to /var/log/*. newsyslog rotates those files when they get too big... Warner
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20100501.215023.353672579433532204.imp>