Bug#869773: xdm logs failed logins that may be sensitive

[Julien Cristau <jcristau@debian.org>]

On Fri, Jul 28, 2017 at 21:06:47 +0200, Sven Joachim wrote:

> The unknown username should not be in the log, login(1) replaces names
> of non-existent users with "UNKNOWN" when logging failed attempts.
> 
How about this then (not even build tested):

diff --git a/greeter/greet.c b/greeter/greet.c
index 9b5cef4..ba4b3da 100644
--- a/greeter/greet.c
+++ b/greeter/greet.c
@@ -405,6 +405,9 @@ static void
 FailedLogin (struct display *d, const char *username)
 {
 #ifdef USE_SYSLOG
+    if (!getpwnam(username))
+       username = "unknown user";
+
     if (username == NULL)
        username = "username unavailable";
 

Cheers,
Julien