Date: Sat, 17 Sep 2005 12:34:25 -0500
From: Mr Duck <tld@...eexamples.org>
To: popa3d-users@...ts.openwall.com
Subject: Re: Patch to include the username in all syslog messages

Solar Designer wrote:
>>  Fredrik wrote:
>>  It is a patch that adds the username (or mailbox, which should
>>  be the same most of the time) to all syslog messages that popa3d
>>  writes. It is very useful for detecting users that misspell
>>  usernames, or use incorrect case when typing the username.

> Yes.  Unfortunately, a side-effect is that you will also get some
> plaintext passwords logged since some users are dumb enough to
> enter their password in place of username.  This was one of two
> reasons for

   It is unfortunate that someone would do this, but not enough of a
reason to cause any significant influence, IMHO.   Plus, a simple
password scan could check the unknown username against the password
list, and look for matches.  That would at least provide an
opportunity to do some adjustment so that their plain password was
not fully displayed... not really worth it IMHO, but if someone
was concerned over this...

> not logging unknown usernames.  The other reason is that unknown
> usernames may contain any "garbage" characters, including terminal
> controls, making it unsafe to browse logs on some systems (where syslogd
> does not filter or escape potential terminal controls) unless special
> precautions are taken (e.g., "less -U" is OK, "more" or plain "grep ..."
> with output to the terminal are not).

   An easy fix.  Before any logging is done with an unknown username,
parse it for "garbage" characters, and replace them with something
non-garbage...

   Of anything that I think popa3d should contain, this patch is *the*
one.  It's not fun to track logs when you can't tell which line is
for what user.

   Besides, if your reasons for not displaying unknown usernames are really
that important, then here is an alternate idea.

   Each full session is given a unique instance ID.  This ID is logged 
with every log item.  This way, the password/garbage char concerns
would be addressed, and log-watchers like myself and Fredrik will have
something easy to link log entries.

   Bear in mind, this is my opinion and nothing more.  I'm not the
one who wrote and is supporting the pop server. (=   but, I am a user
of the server and as such, feel that my opinion counts for something,
if only a voice.
(=

Brad/TLD
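The sanitising step proposed in the message above, as an added example in C that is not popa3d's own code: every byte of an untrusted username outside printable ASCII (terminal controls, ESC, DEL, high-bit bytes) is rewritten as `\xNN` before the string reaches syslog, and the sample "username" is constructed for the demonstration.

```c
/* Added example (not popa3d code): make an untrusted username safe to log.
 * Bytes outside 0x20..0x7E are escaped as \xNN; a backslash is doubled so
 * the escaped form stays unambiguous. Output is truncated rather than
 * overflowed if the buffer is too small. */
#include <stdio.h>
#include <string.h>
#include <syslog.h>

/* Returns the number of characters written, not counting the final NUL. */
size_t sanitize_for_log(const char *in, char *out, size_t outsize)
{
    size_t o = 0;
    const unsigned char *p = (const unsigned char *)in;

    if (outsize == 0)
        return 0;
    for (; *p; p++) {
        if (*p >= 0x20 && *p <= 0x7E && *p != '\\') {
            if (o + 1 >= outsize) break;      /* keep room for the NUL */
            out[o++] = (char)*p;
        } else if (*p == '\\') {
            if (o + 2 >= outsize) break;
            out[o++] = '\\';
            out[o++] = '\\';
        } else {
            if (o + 4 >= outsize) break;      /* "\xNN" needs four bytes */
            o += (size_t)snprintf(out + o, outsize - o, "\\x%02X", *p);
        }
    }
    out[o] = '\0';
    return o;
}

int main(void)
{
    char safe[64];
    /* constructed sample: a "username" carrying a clear-screen sequence */
    const char *bad = "alice\x1b[2Jbob\x7f";

    sanitize_for_log(bad, safe, sizeof safe);
    openlog("popa3d-example", LOG_PID, LOG_MAIL);
    syslog(LOG_NOTICE, "unknown username: %s", safe);  /* now terminal-safe */
    closelog();
    printf("%s\n", safe);
    return 0;
}
```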
