Sometimes a user gives a typo when they are trying to give a password after typing a sensitive command, such as su - . The user then will assume they are being given another password request, and will then thus type the root password in the command prompt, leaving it there in the logs. I feel that such password references in the logs are a security risk, particularly the root password.
What specific tools and syntax can be used to remove any such passwords from the logs?
Aucun commentaire:
Enregistrer un commentaire