Path: utzoo!utgpu!jarvis.csri.toronto.edu!mailrus!cs.utexas.edu!uwm.edu!rpi!tale
From: tale@cs.rpi.edu (David C Lawrence)
Newsgroups: comp.unix.wizards
Subject: Re: What should the password/security/userinfo/login system include?
Message-ID: <$N-N}-@rpi.edu>
Date: 10 Dec 89 02:25:08 GMT
References: <4180@sbcs.sunysb.edu> <1989Dec7.172233.10130@chinet.chi.il.us> <1236@ispi.UUCP> <1989Dec9.053433.5407@chinet.chi.il.us>
Distribution: usa
Organization: Rensselaer Polytechnic Institute, Troy NY
Lines: 27

<1989Dec9.053433.5407@chinet.chi.il.us> les@chinet.chi.il.us (Leslie Mikesell):
>>I want logging of *all* keystrokes during a failing attempt at logging
>>in.

>This is not a good idea. If someone unauthorized sees this log file
>they would have a fairly good idea of some of the passwords on the
>system.

>If they are written to a file that can only be read by root, why should
>I worry about that? If someone can already get root permissions why
>would they want to know any other passwords?

Interesting. There was recently discussion here on just such a thing
when the ftp daemon on the ACM's 3B2s was doing logging. The problem
exists in that if you find out a person's password on one machine (the
one for which Les points out it wouldn't matter, because you could su to
the user anyway from root) then you have oftentimes discovered the
user's password on other machines.

Of course, someone with root access to a machine should have the
scruples not to use this information to gain access to a user's
account. This is certainly not a completely accurate assumption though
-- there are obviously people out there with no such integrity.

Dave
--
(setq mail '("tale@cs.rpi.edu" "tale@ai.mit.edu" "tale@rpitsmts.bitnet"))
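The thread's point, in code: a failed-login record that stores every keystroke carries the user's (possibly reused) password minus a typo, while a record that stores only what an operator needs does not. This is an added example, not code from the thread or from any login system it mentions; the account list, source address and secrets are constructed, and the "unknown username is probably a password typed into the wrong field" rule is an assumption drawn from common practice, not from the post.

```python
"""Contrast a keystroke-logging failed-login record with a redacting one.

Added example, not part of the Usenet thread. All sample data is constructed.
"""
from collections import Counter


def log_keystrokes(username, typed_secret):
    """The design Les asked for: everything typed at the prompt is recorded.

    Whoever can read this line (root here, or anyone on a machine that
    shares the log) learns the secret, which is often reused elsewhere.
    """
    return f"LOGIN FAILED user={username} typed={typed_secret}"


class FailedLoginLog:
    """Failed-login log that never stores the attempted secret.

    An account name that does not exist is redacted too: a very common
    failure is the user typing their password into the login: prompt, so an
    "unknown user" field is itself a frequent password leak.
    """

    def __init__(self, known_users):
        self.known_users = set(known_users)      # constructed account list
        self.per_source = Counter()              # failures seen per source
        self.records = []

    def record(self, username, typed_secret, source):
        # typed_secret is accepted only so callers cannot forget to drop it;
        # nothing derived from it reaches the log line.
        del typed_secret
        user_field = username if username in self.known_users else "<unknown user>"
        self.per_source[source] += 1
        line = (f"LOGIN FAILED user={user_field} from={source} "
                f"attempt={self.per_source[source]}")
        self.records.append(line)
        return line


if __name__ == "__main__":
    log = FailedLoginLog(["les", "tale"])
    print(log_keystrokes("tale", "s3cret-typo"))          # leaks the secret
    print(log.record("tale", "s3cret-typo", "10.0.0.5"))  # does not
    print(log.record("s3cret-typo", "", "10.0.0.5"))      # password in user field, redacted
```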