The mailing list for listmasters using Sympa

[David Verdin <address@concealed>]

Hi,

The logging system could sure be modified to follow your suggestions.
Would you mind creating a feature request in our tracking system at the 
following address?

http://sourcesup.cru.fr/tracker/?atid=170&group_id=23&func=browse

This would help us manage our future developments.

Regards,
David

Jeff Abbott a écrit :
> Peck Chris wrote:
>
> > This is probably worth noting, as, I just happened to notice it while 
> > debugging something...
> >
> > I'm running sympa v5.2.4,
> >
> > I just noticed that when log_level 2 or higher is configured in 
> > sympa.conf, wwsympa logs userids and passwords.
>
> We had noticed this here, as well.  Our solution is to not run with 
> debug-levels of logging in our production environment, since we have a 
> test environment in which we can do such things where the logs never 
> leave the system.  That might not be a possibility for everyone, 
> however, and I think it might be better if passwords were stripped or 
> obfuscated in the logs even at high levels of output.  There should 
> always be a level that logs them, however, for the purpose of 
> troubleshooting password- and authentication-related problems, with a 
> big note by that logging level stating that it's a bad idea to use in a 
> production system.
>
> Thanks,
> Jeff

--
David Verdin
Comité réseau des universités