LinuxQuestions.org
Visit Jeremy's Blog.
Home Forums Tutorials Articles Register
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Newbie
Reload this Page User passwords display in log file in clear text
User Name
Password
Linux - Newbie This Linux forum is for members that are new to Linux.
Just starting out and have a question? If it is not in the man pages or the how-to's this is the place!

Notices


Reply
  Search this Thread
Old 04-21-2010, 08:49 PM   #1
clozarks
LQ Newbie
 
Registered: Apr 2010
Posts: 16

Rep: Reputation: 0
User passwords display in log file in clear text

Running SunGard Banner software on RHEL 4.2 x86-32 bit Linux server Oracle Application 10.1.2.3 samba enabled. Users run processes/reports that are logged in a daily log file. In our daily job submission log files the user password shows up as clear text. The password shows up as $PSWD (sample from the logfile):


$JOB
$BANUID
$PSWD
$ONE_UP
$PROG
$PRNT

+ rcrtp11.shl
mpickrel
password
1215581
RCRTP11
default

And password shows up as value [3] here:
BASH_ARGV=([0]="LANDSCAPE" [1]="default" [2]="1215583" [3]="password" [4]="mpickrel" [5]="P" [6]="rnein11")


I noticed that the Linux smb.conf file has this value:
encrypted passwords = No

Would changing this value to True keep these passwords from showing up in the logs as clear text? Some programmers have access to these logs to assist users and troubleshoot problems. I don’t like that but right now it is the way things are. Any other way to remove or hide these passwords as the logs are created?

Thank you
Curt Swartzlander
Northwest Arkansas Community College
Bentonville, AR
cswartzlander@nwacc.edu
DBA
 
Old 04-21-2010, 10:02 PM   #2
paulsm4
LQ Guru
 
Registered: Mar 2004
Distribution: SusE 8.2
Posts: 5,863
Blog Entries: 1

Rep: Reputation: Disabled
You simply need to change the way you mount your Samba directory.

Quote:
//192.168.1.2/Music /home/myhome/music smbfs auto,credentials=/root/.credentials,uid=1000,umask=000,user 0 0
Create the "credentials" file like this:
Quote:
sudo gedit /root/.credentials
Code:
username=MY_SMB_USERNAME
password=MY_SMB_PASSWD
Here's more info:
http://linux.die.net/man/8/smbmount

'Hope that helps .. PSM
Last edited by paulsm4; 04-21-2010 at 10:08 PM.
 
  


Reply



Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
[SOLVED] SSH and clear text passwords mattydee Slackware 12 08-22-2012 10:01 AM
LXer: Pidgin stores passwords in clear text!!!! LXer Syndicated Linux News 0 09-27-2009 08:11 PM
Passwords sent in clear text? Synesthesia Linux - Security 4 08-19-2006 10:35 AM
Eays way to clear a log file? extremebfn Linux - General 2 01-16-2005 04:05 AM
can not clear log file messages mitch_lin Red Hat 2 04-25-2004 08:19 PM

LinuxQuestions.org > Forums > Linux Forums > Linux - Newbie

All times are GMT -5. The time now is 11:37 AM.

Contact Us - Advertising Info - Rules - Privacy - LQ Merchandise - Donations - Contributing Member - LQ Sitemap -
Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Open Source Consulting | Domain Registration