Hi all - We discussed this at length many times over the years and our decision was always that “DEBUG” meant show everything that is going on, otherwise debugging is very hard.
I suppose we could consider two levels: “DEBUG” as it is now, and “DEBUGWITHOUTPASSWORDS” with passwords obscured. Thoughts? regards Hugh On 13 Oct 2014, at 08:57, Keith Morrell <[email protected]> wrote: > UNCLASSIFIED > > We use debug level 4 on all our subprocesses (we use radiator proxies for > front ends) to gather detailed data about what’s going on – it’s just the way > we like it. > > Personally, I think showing any passwords in clear text in logs is generally > not a good idea… > > -Keith > > > From: Alan Buxey [mailto:[email protected]] > Sent: Monday, 13 October 2014 8:49 AM > To: Keith Morrell; Vangelis Kyriakakis; Radiator > Subject: Re: [RADIATOR] Hiding the LDAP Password attribute on Trace level 4 > [SEC=UNCLASSIFIED] > > Why would you be running in this mode? Surely only debug level that high for > debugging? And how could you be sure that the issue want due to incorrect > password? ;) > > alan > _______________________________________________ > radiator mailing list > [email protected] > http://www.open.com.au/mailman/listinfo/radiator -- Hugh Irvine [email protected] Radiator: the most portable, flexible and configurable RADIUS server anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald, Platypus, Freeside, TACACS+, PAM, external, Active Directory, EAP, TLS, TTLS, PEAP, TNC, WiMAX, RSA, Vasco, Yubikey, MOTP, HOTP, TOTP, DIAMETER, SIM, etc. Full source on Unix, Linux, Windows, MacOSX, Solaris, VMS, NetWare etc. _______________________________________________ radiator mailing list [email protected] http://www.open.com.au/mailman/listinfo/radiator
