safelogging should cover hidden service name and intro-points too
In log messages about a hidden service we operate, we don't replace the hidden service name with [scrubbed].
Historically, this was considered fine, because you have your hostname and private_key files on disk already.
But if the user puts his $datadir on encrypted storage, and the logs aren't on encrypted storage, then the logs could be the weak link.