httpd-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Joe Schaefer <joe_schae...@yahoo.com>
Subject Re: [PATCH] mod_log_forensic security considerations
Date Fri, 08 Jun 2012 15:45:56 GMT
----- Original Message -----

> From: Daniel Gruno <rumble@cord.dk>
> To: dev@httpd.apache.org
> Cc: 
> Sent: Friday, June 8, 2012 6:24 AM
> Subject: Re: [PATCH] mod_log_forensic security considerations
> 
> On 06/08/2012 12:13 PM, Graham Leggett wrote:
>>  On 08 Jun 2012, at 12:16 AM, Daniel Ruggeri wrote:
>> 
>>>>  I share Williams concern that this makes mod_forensic potentially 
> less 
>>>>  useful.
>>>> 
>>>>  Maybe making the forensic log mode 600 by default would be a better 
> 
>>>>  idea?
>>>  Agreed as well. This module isn't enabled by default and is most 
> likely
>>>  to be enabled by a user that knows what they are trying to accomplish.
>>>  To me, a clear and concise security warning in the documentation should
>>>  be all that is needed.
>>> 
>>>  IMO, having unadulterated logging capability is what makes
>>>  mod_dumpio/mod_log_forensic some of the most useful modules for
>>>  troubleshooting in a proxy/crashing scenario (respectively).
>>  +1.
>> 
>>  Regards,
>>  Graham
>>  --
>> 
> +1 to that. We already have the same kind of warnings in place for
> people setting up proxies, I see no reason why we can't do the same to
> mod_log_forensic.
> The module is, as the name says, for forensic logging, so it should be
> expected that as much as possible is logged by default, and any special
> considerations should be something you could change, but it shouldn't be
> the default behaviour to not include this and that because it may be
> potentially unsafe. We got bit by it, yes, but that was because we made
> the logs available to people, and that's what we should warn about if
> anything.

Well not quite, we'd still have had a problem with storing and archiving
those logs even if we hadn't made them available to committers, because
they violate our password retention policies.


> 
> With regards,
> Daniel.
> 

Mime
View raw message