Comment 1 for bug 909538

This is only a security issue if you're using something like syslog to send logs out to a different host. Otherwise, you could just look at the config file, right?