detail logs User-Password

Alan DeKok aland at
Tue Apr 4 18:14:02 CEST 2006

"Ryan Melendez" <rmelendez at> wrote:
> I've seen a couple of email in the list discussing the fact that
> User-Password is logged by the detail module.  I have to change this
> behavior, but hope to get the change in future releases so I wanted to
> know where you guys stand. (so I don't have to patch)

  Personally, I don't see a lot of value in it.  But if the patch is
simple & the config is easy, I have no objections to it going in.

> Personally, I think any password attribute should not be logged, but
> there might be some history/backwards compatibility I'm unaware of.

  I don't think so.  Make the default to log the password, and all
backwards compatibility will be maintained.

  Question: are there *other* attributes which should be suppressed?
If so, the configuration should take a list of attributes to censor,
rather than just "logpass=yes/no"

  Alan DeKok.

More information about the Freeradius-Devel mailing list