On 08 Jun 2012, at 7:22 PM, Joe Schaefer wrote:

> For several years Graham those logs were rather valuable
> in tracking down segfaulting svn requests. Security releases
> were made as a result of some of those reports to the
> Subversion project.

I'm sure they were, that's exactly what the forensic logs were designed for. I think what went wrong was that they weren't turned off when they were no longer needed, and they weren't properly secured.

I think it would be useful to have a generic log encryption hook or provider, which any/all logging modules can call to encrypt data that is about to be written to a file and/or pipe. This way it can be safe to keep logging turned on and available to those who need it, while being suitably protected at the same time.

Something like this maybe:

    # apply key in /path/to/key to files matching /var/log/httpd/secure/*
    LogEncrypt /path/to/key /var/log/httpd/secure/*

Regards,
Graham
--