Isaac Vetter wrote:
The docs for 'LogStackTrace' have been updated as follows. How do folks feel about the new notice?
If set then logging will include stack traces for messages with level equal or greater than specified. NOTICE: Stack traces include parameters that functions or methods were called with. It is possible for stack trace logging to reveal sensitive information such as passwords and ticket content in your logs.
Jesse,
Since you're asking (and towards the goal of something useful coming from this thread). :) I would say that, in this case, you shouldn't end a sentence with a preposition. How about: "Stack traces include the parameters of called functions." or "Stack traces include the parameters used within methods and functions." or ...
One idea I've seen and quite like is what OpenLDAP does. Passwords and
other security tokens are Base64 encoded in all output[*]. Sure it's a
trivial encoding that anyone could decode in moments, but it prevents
people trivially reading passwords over your shoulder when they are
displayed on your screen.
Cheers,
Matthew
[*] Actually I think this is primarily because those object classes are
defined as containing non-ascii data, rather than specifically as a
security measure. It's a handy side-effect though.
--
Dr Matthew Seaman The Bunker, Ash Radar Station
PGP: 0x60AE908C on servers Marshborough Rd
Tel: +44 1304 814890 Sandwich
Fax: +44 1304 814899 Kent, CT13 0PL, UK
_______________________________________________
http://lists.bestpractical.com/cgi-bin/mailman/listinfo/rt-users
Community help: http://wiki.bestpractical.com
Commercial support: [email protected]
Discover RT's hidden secrets with RT Essentials from O'Reilly Media.
Buy a copy at http://rtbook.bestpractical.com
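An added example, not part of the original thread and not RT or OpenLDAP code: it contrasts the Base64 masking described above, which is reversible by anyone holding the log, with dropping call arguments from stack-trace frames before they are written. The Carp-style frame layout, the module names and the sample values are constructed assumptions; the thread does not show RT's actual trace format.

```python
import base64
import re

# Constructed sample: a log message followed by two Carp-style stack frames.
SAMPLE_TRACE = (
    "[error]: Could not authenticate user\n"
    "\tMyApp::Auth::check_password('alice', 'hunter2') "
    "called at lib/MyApp/Auth.pm line 42\n"
    "\tMyApp::Ticket::update(MyApp::Ticket=HASH(0x55d0c8), 'private note') "
    "called at lib/MyApp/Ticket.pm line 108\n"
)

# Frame shape assumed here: <sub name>(<args>) called at <file> line <n>
# The greedy (.*) keeps nested parentheses such as HASH(0x...) inside the args.
FRAME = re.compile(r"^(\s*[\w:]+)\((.*)\)( called at .+ line \d+)$")


def base64_mask(secret: str) -> str:
    """Hide a value from a casual glance only; this is encoding, not protection."""
    return base64.b64encode(secret.encode("utf-8")).decode("ascii")


def base64_unmask(masked: str) -> str:
    """Anyone with read access to the log can do this, with no key involved."""
    return base64.b64decode(masked).decode("utf-8")


def redact_frame_args(line: str) -> str:
    """Replace the argument list of one stack frame; leave other lines alone."""
    match = FRAME.match(line)
    if match is None:
        return line
    return f"{match.group(1)}(<args redacted>){match.group(3)}"


def scrub_trace(trace: str) -> str:
    """Redact arguments in every frame of a multi-line trace."""
    return "\n".join(redact_frame_args(line) for line in trace.splitlines())


if __name__ == "__main__":
    masked = base64_mask("hunter2")
    print("masked:", masked, "-> recovered:", base64_unmask(masked))
    print(scrub_trace(SAMPLE_TRACE))
```

Redaction keeps the call chain and file/line information that makes a trace useful for debugging while removing the values the NOTICE warns about.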
