PCI-DSS: Log every root actions/keystrokes but avoid passwords

[Miloslav Trmac]

----- Original Message -----
> > Please do post the patch here when you have it worked out as I am
> > very likely
> > to miss it in the flood of kernel patches when it goes to/from
> > Linus.
> 
> Here you go.  Given Steve's good question, this control method may
> change.

Isn't "icanon" _true_ when the data is echoed?  This patch would allow dropping the echoed data (i.e. commands), not the non-echoed data (i.e. passwords).

(I might be mistaken and I haven't tested this.)
    Mirek