On Jun 7, 2012, at 3:11 PM, Stefan Fritsch wrote:
> I share William's concern that this makes mod_forensic potentially less
> useful.
>
> Maybe making the forensic log mode 600 by default would be a better
> idea?
I have to agree with Jeff. I would rather have a more difficult or even impossible time debugging a crash than have a security hole that relies solely on file permissions. Maybe it should be a toggle in mod_forensic for debugging purposes (defaulting to hiding Authorization).

The problem with just changing the file permissions is that sensitive data is still stored in the files. Even if the files are owned by root, anyone with root access would have access to others' usernames and passwords. I don't want to have that access to others' credentials, nor do I want them to have access to mine.

I applied Jeff's patch as soon as it came across, wiped out all of our archived forensic logs, and had all of our affected users reset their passwords.

Thanks, Jeff!

- Jim