> > Make absolutely sure, though, that it's really what you want:  logging
> > actual supplied logins is often a great way to offer cleartext passwords
> > to an adversary...
> Which is why you have
> 	authpriv.*			/var/log/secure
> 	...,authpriv.none,...		/var/log/messages

How many times have we seen CERT reports about Yet Another Sendmail Hole
Allowing People To Read Any File...?

What you don't record can't be stolen.