Re: Suppress display of sensitive info by servers (proposal)

From: Molle Bestefich <molle.bestefich_at_gmail.com>
Date: 2005-04-13 08:45:19 CEST

Daniel Rall wrote:
> Requirements of any solution:
>
> o Low-level libraries should continue to propogate all contextual
> information available (including security-sensitive info). For
> example, httpd error logs should contain file system paths to the
> repository, as should error messages from file:// operations.
>
> o Secure versions of error messages must still contain relevant
> security-insensitive information (e.g. "Reference to non-existent
> revision 3209683", even though the path is omitted).

Wouldn't it become more cumbersome to report error messages to
anybody, e.g. your sysadmin, if the context is missing?

(I'm thinking that that's actually more important than fixing some
imaginary security problem..)

Could the path from the URL perhaps be included instead of the filesystem path?
Or the repository UUID?

Haven't looked at the code, so might be a stupid suggestion :-p.

---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@subversion.tigris.org
For additional commands, e-mail: dev-help@subversion.tigris.org
Received on Wed Apr 13 08:46:27 2005

This message: [ Message body ]
Next message: Peter N. Lundblad: "Re: svn commit: propchange - r14162 - svn:log"
Previous message: Peter N. Lundblad: "Re: Locking issues"
In reply to: Daniel Rall: "Suppress display of sensitive info by servers (proposal)"
Next in thread: Mark Benedetto King: "Re: Suppress display of sensitive info by servers (proposal)"
Reply: Mark Benedetto King: "Re: Suppress display of sensitive info by servers (proposal)"

Contemporary messages sorted: [ By Date ] [ By Thread ] [ By Subject ] [ By Author ] [ By messages with attachments ]