Date: Sun, 2 May 2010 01:58:46 +0200 From: Ed Schouten <ed@80386.nl> To: Peter Jeremy <peterjeremy@acm.org> Cc: Alexander Leidinger <Alexander@Leidinger.net>, freebsd-arch@FreeBSD.org Subject: Re: [Extension] utmpx and LOGIN_FAILURE Message-ID: <20100501235846.GU56080@hoeg.nl> In-Reply-To: <20100501205625.GB36980@server.vk2pj.dyndns.org> References: <20100501124544.GR56080@hoeg.nl> <20100501211250.00007a1c@unknown> <20100501203244.GT56080@hoeg.nl> <20100501205625.GB36980@server.vk2pj.dyndns.org>
next in thread | previous in thread | raw e-mail | index | archive | help
--SpiXHX+fVORj1nzn Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable * Peter Jeremy <peterjeremy@acm.org> wrote: > On 2010-May-01 22:32:44 +0200, Ed Schouten <ed@80386.nl> wrote: > >* Alexander Leidinger <Alexander@Leidinger.net> wrote: > >> Does this default to on or off or is this always on? If the later: some > >> kind of a switch (no matter what the default is) would be highly > >> desired. > > > >What about adding a switch to last(1) to (un)hide the entries? >=20 > That doesn't cover the DoS potential of logging this data in the > firstplace. So how is this covered right now? As far as I know, all of our existing login services write messages to /var/log/*. --=20 Ed Schouten <ed@80386.nl> WWW: http://80386.nl/ --SpiXHX+fVORj1nzn Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.14 (FreeBSD) iEYEARECAAYFAkvcwDYACgkQ52SDGA2eCwUUPgCfZYsuRiXSdFvIBzyiZXhuwpg6 tLgAniZkPaS9y+yknAiiwl3JtB5mVs6d =WM6O -----END PGP SIGNATURE----- --SpiXHX+fVORj1nzn--
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20100501235846.GU56080>