Hiding Passwords in Debug Output
Garber, Neal
Neal.Garber at energyeast.com
Fri Sep 22 19:23:23 CEST 2006
I understand that it is sometimes useful to display the plain-text
password in the debug output; however, I consider this a security
exposure. I'd like to see a configuration option (e.g.,
debug_show_passwords or something similar) with a default of no, that
when set to false/no would write "********" instead of a plain-text
password in debug output. Currently, modules rlm_ldap, rlm_pap, and
perhaps others write the plain-text password in debug output.
Your thoughts?
Neal
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.freeradius.org/pipermail/freeradius-users/attachments/20060922/66792202/attachment.html>
More information about the Freeradius-Users
mailing list