On Mon, Jul 14, 2003 at 09:53:21AM -0400, Alan DeKok wrote: > "Alexander M. Pravking" <[EMAIL PROTECTED]> wrote: > > In debug mode, rlm_ldap prints out all the passwords it uses for bind. > > I think it's reasonable enough to disallow it or at least make it > > configurable. > > I don't see why. It's debug mode, so it prints out a number of > worse things (from a security point of view) than the LDAP password.
Am I the only crasy one who runs production server in debug mode? If there's anyone else who does, please answer me. It's really hard sometimes to reproduce the critical situation once more, so I prefer to have 20-40 megs of daily logs and be able to determine a problem very quickly rather than restart the server in debug mode and wait the problem to be repeated. I'm probably wrong here... In any case, FreeRADIUS' logging system is far, far from perfect... -- Fduch M. Pravking - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
