Login functionality

ken_i_m at elegantinnovations.net ken_i_m at elegantinnovations.net
Tue Feb 17 23:49:06 PST 2004


On Wed, Feb 18, 2004 at 12:50:22AM -0600, Charles Winebrinner (cwinebrinner at lmtc.net) wrote:
>        But, for instance, if it's a system with a lot of users and someone
> somehow gains access to the log, then that could be a major problem,
> because there are a lot of people that use the same password for everything.
> If the hacker can associate their usernames on the machine to external
> accounts, then he will have complete access to all of their other accounts.
 
Getting users to follow good password practice is a _hard_problem_.  In 
the large user scenario you describe a solution I will be looking at 
"real soon now" is remote logging.  Though my motivation is to reduce 
log monitoring overhead it will have the fringe benefit of reducing the 
risk of unauthorized log access.

> BTW, sorry if this message isn't formatted properly.

Looks OK here.  Thanks.
-- 
I think, therefore, ken_i_m
Chief Gadgeteer, Elegant Innovations
Founder, Bozeman Linux Users Group
(406) 581-0495



More information about the hlfs-dev mailing list