Login functionality

Archaic archaic at indy.rr.com
Wed Feb 18 17:05:52 PST 2004


On Wed, Feb 18, 2004 at 01:49:55PM -0400, Anderson Lizardo wrote:
> 
> That's the problem: if the user typed the password by accident instead
> of the login name, the password is stored plain text on the log. Even
> with strong encryption, secure VPN channel, unreadable log files,
> whathever, the admin will need to _read_ the logfile sometime, and to
> avoid anyone else reading the possible stored plaintext passwords, he
> should lock himself on a room, clear any video buffer that maybe stored
> the screen, assure that the printer spooler didn't store the printed
> logfile and so on.

Point taken. I light of the overwhelming arguments against the proposal,
I retract it. :)

-- 
Archaic

A right is not what someone gives you; it's what no one can take from
you.

- Ramsey Clark




More information about the hlfs-dev mailing list