On Tue, Mar 14, 2006 at 08:31:44PM -0000, qazwiz wrote:
> I'm new to the linux nomenclature so pardon a dumb question.... but
> wouldn't just locking the logfile to root only access prevent the
> security problems?
Yes, and we've already done that now; although I prefer to go further
and make sure the password isn't there at all. I'm just leaving this bug
open while we clean up all the pieces.
On Tue, Mar 14, 2006 at 08:31:44PM -0000, qazwiz wrote:
> I'm new to the linux nomenclature so pardon a dumb question.... but
> wouldn't just locking the logfile to root only access prevent the
> security problems?
Yes, and we've already done that now; although I prefer to go further
and make sure the password isn't there at all. I'm just leaving this bug
open while we clean up all the pieces.