[
https://issues.apache.org/jira/browse/COUCHDB-464?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13140562#comment-13140562
]
Paul Joseph Davis commented on COUCHDB-464:
-------------------------------------------
As a matter of fact, all control characters should probably be stripped from
user supplied log messages. There's a CVE out there somewhere that discusses
how to inject control sequences so that if someone tails the log as root it'll
execute arbitrary commands. Technically more of a bug in the terminal, but
still something to be aware of.
> Allow POST to _log for external processes
> -----------------------------------------
>
> Key: COUCHDB-464
> URL: https://issues.apache.org/jira/browse/COUCHDB-464
> Project: CouchDB
> Issue Type: New Feature
> Reporter: Robert Newson
> Fix For: 1.3
>
> Attachments: 0001-Add-POST-support-to-_log.patch,
> 0001-Add-POST-support-to-_log.patch, 0001-Add-POST-support-to-_log.patch
>
>
> Add POST support to _log so that external processes can also log to
> couch.log. This would allow couchdb-lucene (to pick a random example) to log
> consistently.
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators:
https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira
