Login functionality

Anderson Lizardo lizardo at linuxfromscratch.org
Wed Feb 18 09:49:55 PST 2004


On Wed, 18 Feb 2004 07:32:14 -0500, Archaic wrote:
> {malicious,lazy,ignorant} then he'll likely be rooted anyway. Also, I
> never mentioned writing the password, just replace UNKNOWN with the name
> typed. And any good admin will religiously check logs and keep them
> private.

That's the problem: if the user typed the password by accident instead
of the login name, the password is stored in plain text in the log. Even
with strong encryption, secure VPN channel, unreadable log files,
whatever, the admin will need to _read_ the logfile sometime, and to
avoid anyone else reading the possible stored plaintext passwords, he
should lock himself in a room, clear any video buffer that may have stored
the screen, assure that the printer spooler didn't store the printed
logfile and so on.

IMHO, passwords should never be _visible_ to the external world as plain
text (including failed login names which potentially could be
passwords).

-- 
Anderson Lizardo
lizardo at linuxfromscratch.org
http://www.linuxfromscratch.org/
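
Added example, not part of the original message or of any project's code: one way to keep a mistyped password out of the failed-login log is to record the typed name only when it matches an existing account and write UNKNOWN otherwise. The function names, the sample account list and the log line format are assumptions made for illustration.

```c
#include <pwd.h>
#include <stdio.h>
#include <string.h>

typedef int (*account_lookup_fn)(const char *name);

/* Real lookup against the system account database. */
static int system_account_exists(const char *name)
{
    return getpwnam(name) != NULL;
}

/* Constructed account list (assumption) so the demo is deterministic. */
static int sample_account_exists(const char *name)
{
    static const char *const accounts[] = { "root", "alice" };
    for (size_t i = 0; i < sizeof accounts / sizeof accounts[0]; i++)
        if (strcmp(name, accounts[i]) == 0)
            return 1;
    return 0;
}

/* Returns the string that may be logged for a failed login: the typed
 * name if it is a known account, "UNKNOWN" for anything else, since an
 * unrecognised "name" may be a password typed at the wrong prompt. */
static const char *loggable_login_name(const char *typed, account_lookup_fn exists)
{
    if (typed == NULL || typed[0] == '\0' || !exists(typed))
        return "UNKNOWN";
    return typed;
}

/* Builds the log line (constructed format); returns snprintf's result. */
static int format_failed_login(char *buf, size_t len, const char *typed,
                               const char *tty, account_lookup_fn exists)
{
    return snprintf(buf, len, "FAILED LOGIN on '%s' FOR '%s'",
                    tty, loggable_login_name(typed, exists));
}

int main(void)
{
    char line[128];
    format_failed_login(line, sizeof line, "alice", "tty1", sample_account_exists);
    puts(line);
    format_failed_login(line, sizeof line, "S3cret!pass", "tty1", system_account_exists);
    puts(line);
    return 0;
}
```

A mistyped but otherwise valid login name is also logged as UNKNOWN under this policy.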
