Alan DeKok wrote:
> Guy Fraser <[EMAIL PROTECTED]> wrote:
> 
>>>  You will have to edit the source code to the detail module to make
>>>it do what you want.
>>>
>>
>>Is that the way it is supposed to be, or is it on a todo list for it 
>>to be fixed?
> 
>   Fixed to do what, and why?

To not log passwords in the detail file, because it puts them at
unnecessary risk of exposure.

>   No, I'm not being dumb, I'd like to see reasons why dropping
> information from the detail log is a good idea.

Actually, I may be confused here.  Are we talking about passwords
entered by users and sent to the RADIUS daemon by a NAS being logged in
the radius.log or the detail file?  I ask because I *don't* see this
behavior (except in debugging mode) on freeradius 1.0.5.  So maybe we're
talking about something else.

We have strict rules here about handling sensitive data; I'd be in big
trouble if any of my systems was storing user-supplied passphrases in a
log file.

-- 
George C. Kaplan                            [EMAIL PROTECTED]
Communication & Network Services            510-643-0496
University of California at Berkeley
- 
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
