httpd-dev mailing list archives

From Joe Schaefer <>
Subject Re: [PATCH] mod_log_forensic security considerations
Date Fri, 08 Jun 2012 17:22:08 GMT
For several years, Graham, those logs were rather valuable
in tracking down segfaulting svn requests.  Security releases
were made as a result of some of those reports to the
Subversion project.

----- Original Message -----
> From: Graham Leggett <>
> To:
> Cc: 
> Sent: Friday, June 8, 2012 12:51 PM
> Subject: Re: [PATCH] mod_log_forensic security considerations
> On 08 Jun 2012, at 5:45 PM, Joe Schaefer wrote:
>>  Well not quite, we'd still have had a problem with storing and archiving
>>  those logs even if we hadn't made them available to committers, because
>>  they violate our password retention policies.
> Can you clarify if possible what purpose you were trying to solve by enabling 
> the forensic logs?
> Forensic logging is to answer the question "what is going wrong", and 
> shouldn't be enabled under normal operational circumstances unless there is 
> something genuinely going wrong, at which point you record what you need and 
> then switch it off again.
> A forensic log that has had a whole lot of filters applied to it is 
> counterproductive, because the forensic log no longer tells you exactly what is 
> going on, and when you're troubleshooting you need to know precisely that.
> Regards,
> Graham
> --
