Should we re-enable safelogging on the console?
Our current console logging code uses
FormatWithSafeLoggingDisabled to display sensitive information, on the theory that stdout logs are ephemeral.
But at !687 (comment 2830897), @eta rightly notes:
I don't really like this idea — oftentimes stdout is just "the systemd journal" or other persistent logging mechanism. Sure, you can call
isattyon it, but that then verges into slightly magic behaviour.
Should we turn off this behavior before 1.0?