RE: How do you turn logging off completely in Embperl?

Thu, 20 Jan 2000 12:05:19 -0800 

There must be a bug somewhere because I had EMBPERL_DEBUG = 0 and was getting
errors about not being able to write to /tmp/embperl.log.

This is with v 1.2b4 I believe so if this has changed recently that may be why
I got the errors.

On 20-Jan-00 Gerald Richter wrote:
>>
>> That's what I thought. Setting 'EMBPERL_DEBUG 0' should really
>> turn off any
>> kind of logging including even trying to open the log file.
>>
> 
> Look at epio.c function OpenLog line 838
> 
>     if (r -> bDebug == 0)
>       return ok ; /* never write to logfile if debugging is disabled */
> 
> If the DEBUG Flags are zero Embperl should never open the log, but if you do
> one request with EMBPERL_DEBUG != 0, the logfile is open and will stay open.
> 
>> > I consider this a bug and a security
>> > hazard
>> > (writing anything blindly to /tmp can have potentially lethal
>> side effects,
>> > eg: user foo puts in a symlink from /tmp/embperl.log to
>> anything owned by the
>> > user running the server and that file gets embperl logs
>> appended to it!).
>> >
> 
> If the logfile really get opend before you have a chance to set
> EMBPERL_DEBUG to 0, then it's a bug and a security whole, but I can't see
> this for now, but maybe I oversee something...
> 
>> > The log file is tied to at a few different spots within the
>> code. None of
>> > these check the setting of EMBPERL_DEBUG before tying to the
>> log. They should
>> > only tie to the log if the debug setting is not zero.
>> >
> 
> The logfile is only opened at this one place in OpenLog I mentioned above
> and this function checks the debug setting, _before_ opening the log. So if
> EMBPERL_DEBUG is zero, the log file will never get opend and all other
> function will just throw anything you try to write to the logfile away, if
> the log file isn't opened.
> 
> Gerald
> 
> -------------------------------------------------------------
> Gerald Richter    ecos electronic communication services gmbh
> Internetconnect * Webserver/-design/-datenbanken * Consulting
> 
> Post:       Tulpenstrasse 5         D-55276 Dienheim b. Mainz
> E-Mail:     [EMAIL PROTECTED]         Voice:    +49 6133 925151
> WWW:        http://www.ecos.de      Fax:      +49 6133 925152
> -------------------------------------------------------------

---
Jason Bodnar + [EMAIL PROTECTED] + Tivoli Systems

I swear I'd forget my own head if it wasn't up my ass. -- Jason Bodnar

Reply via email to