Bug#869773: xdm logs failed logins that may be sensitive
On Fri, Jul 28, 2017 at 21:06:47 +0200, Sven Joachim wrote:
> The unknown username should not be in the log, login(1) replaces names
> of non-existent users with "UNKNOWN" when logging failed attempts.
>
How about this then (not even build tested):
diff --git a/greeter/greet.c b/greeter/greet.c
index 9b5cef4..ba4b3da 100644
--- a/greeter/greet.c
+++ b/greeter/greet.c
@@ -405,6 +405,9 @@ static void
FailedLogin (struct display *d, const char *username)
{
#ifdef USE_SYSLOG
+ if (!getpwnam(username))
+ username = "unknown user";
+
if (username == NULL)
username = "username unavailable";
Cheers,
Julien
Reply to: