You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@httpd.apache.org by Ben Hyde <bh...@pobox.com> on 2000/02/18 14:27:44 UTC

privacy leaks in log files

Here's an amusing opportunity for a pretty easy enhancement patch
to the logging module(s).

One of the challenges of good privacy management is managing the
tendency of data to wander around showing up in the most unexpected
places.  For example a little data goes in a log file, and then that log
files is copied around for backups, and archives, statistical analysis,
market research, whatever...  It's got a life of it's own the moment it
hits the disk.

The only practical way to avoid leaking private info is to spend the
time, and oh it's so much time, trying to keep it from leaking out.
It's good practice to expunge it as close to it's origin as possible.

So for various reasons the error and access logs often have information
in them that should remain private.  Think credit cards or account
numbers.  This happens from sloppy design, page redirecting, and the
common habit people have of using the error log as a
transaction/debugging stream.

It would help to have a little tiny bit of sed like action on the
logging stream as close to the source as possible to scratch out some of
these.

 - ben

Re: privacy leaks in log files

Posted by Dean Gaudet <de...@arctic.org>.

On Fri, 18 Feb 2000, Rasmus Lerdorf wrote:

> > On Fri, Feb 18, 2000 at 01:27:44PM -0000, Ben Hyde wrote:
> > > It would help to have a little tiny bit of sed like action on the
> > > logging stream as close to the source as possible to scratch out some of
> > > these.
> > 
> > How about using piped logs?
> 
> Yikes, Dean has replicated into Manoj!

rad :)

Dean

Re: privacy leaks in log files

Posted by Rasmus Lerdorf <ra...@apache.org>.

> On Fri, Feb 18, 2000 at 01:27:44PM -0000, Ben Hyde wrote:
> > It would help to have a little tiny bit of sed like action on the
> > logging stream as close to the source as possible to scratch out some of
> > these.
> 
> How about using piped logs?

Yikes, Dean has replicated into Manoj!

-Rasmus

Re: privacy leaks in log files

Posted by Manoj Kasichainula <ma...@io.com>.

On Fri, Feb 18, 2000 at 01:27:44PM -0000, Ben Hyde wrote:
> It would help to have a little tiny bit of sed like action on the
> logging stream as close to the source as possible to scratch out some of
> these.

How about using piped logs?