[Moritz Molle]
If I do
# grep change_password /var/log/messages
I get a list of passwords, if the users have changed their given
passwords. That must not be the case. It's a serious security issue,
and is not solved by /var/log/messages only be readable for root.
How can i turn off logging of cleartext-passwords?
Which version of debian-edu-config do you have installed? I am aware
we found such problem a long time ago, but thought it was solved and
the fix pushed out to users. It was fixed in version 1.454~svn77208,
according to svn.