detail logs User-Password

Ryan Melendez rmelendez at wayport.net
Tue Apr 4 16:39:21 CEST 2006


Hello,

I've seen a couple of email in the list discussing the fact that
User-Password is logged by the detail module.  I have to change this
behavior, but hope to get the change in future releases so I wanted to
know where you guys stand. (so I don't have to patch) I plan on adding a
config option for the detail module:

logpass = yes/no

In rlm_detail have the a/v pair associated with PW_PASSWORD skipped if
logpass is set to no. Alternatively, output this line to the log:

User-Password = <censored>

Personally, I think any password attribute should not be logged, but
there might be some history/backwards compatibility I'm unaware of.  I
welcome any comments or suggestions.

Thanks,
Ryan




More information about the Freeradius-Devel mailing list