You are viewing a plain text version of this content. The canonical link for it is here.

Posted to bugs@httpd.apache.org by bu...@apache.org on 2023/01/18 11:05:55 UTC

[Bug 66430] Sensitive Information Disclosure in error.log

https://bz.apache.org/bugzilla/show_bug.cgi?id=66430

Joe Orton <jo...@redhat.com> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
             Status|NEW                         |RESOLVED
         Resolution|---                         |INVALID

--- Comment #1 from Joe Orton <jo...@redhat.com> ---
You seem to imply the path to the httpd binary is "sensitive information" for
an administrator privileged to read error_log, which seems quite ludicrous.

If you need to create a "sanitized" error_log you should do that with a
filtering piped logger.

-- 
You are receiving this mail because:
You are the assignee for the bug.
---------------------------------------------------------------------
To unsubscribe, e-mail: bugs-unsubscribe@httpd.apache.org
For additional commands, e-mail: bugs-help@httpd.apache.org