On Wed, 9 Jul 1997, Dave Cinege wrote: > On Wed, 9 Jul 1997 12:44:03 -0400 (EDT), Will Lowe wrote: > > >On Wed, 9 Jul 1997, Joey Hess wrote: > > > >> I've got sysklogd 1.3-17 and it's made /var/log/messages no longer be world > >> readable. Is there some security problem with letting any user read it? > > > >/var/log/messages can also find my login and password for my ISP (in my > >case, my university). > > Not if you enclose the password in '/q' like the standard > /etc/ppp.chatscript does.
Not entirely true! The example script shows: ABORT BUSY ABORT "NO CARRIER" ABORT VOICE ABORT "NO DIALTONE" "" ATDT<edit phone number here> ogin <put login name here> word \q<put password here>\q All of the sudden one day I noticed my password showing up in the log files. I had to eliminate the second \q and then add it to the next statement pair. So be carefull. ---------------- http://www.sound.net/~wpmills/ ----------------- : W. Paul Mills : Bill, I was there several years ago. : : Topeka, Kansas, U.S.A. : Why would I want to go back tomorrow? : : [EMAIL PROTECTED] : Where were you! : : [EMAIL PROTECTED] : ---------------------------------------- : : [EMAIL PROTECTED] : Linux: Tomorrow's operating system, : : [EMAIL PROTECTED] : here, today. : : [EMAIL PROTECTED] : ---------------------------------------- : : compuserve 70023,1750 : #define MY_TRUE_LOVE computer : -------------- http://homepage.midusa.net/~wpmills/ ------------- -- TO UNSUBSCRIBE FROM THIS MAILING LIST: e-mail the word "unsubscribe" to [EMAIL PROTECTED] . Trouble? e-mail to [EMAIL PROTECTED] .
