On Wed, 2005-08-03 at 10:57 -0400, Charles Bailey wrote:
> I'm concerned that this may be too narrow a view of logging (i.e. as a
> tool for <nontechnical>auditing</nontechnical>). While it's certainly
> true that a log writeable by a local svn client is hackable by a
> local, I suspect most local users aren't malicious. Given that, I can
> see reasonable, non-sensitive uses for logging of local activity.
However, applications do not normally log local activity. "ls" does not
log what directories you look at, etc.. Such information might be
useful, but normally logging of local activity is expected to be done at
another layer, such as shell histories or process accounting.
I'm not sure if I can provide a compelling justification for this
attitude in the world of software, but I'm not sure the burden of proof
is on me. I don't think Subversion should invent jobs for itself beyond
what the world normally expects of applications in its space. Network
servers are expected to be able to log client requests; random tools are
not expected to be able to log everything they do.
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@subversion.tigris.org
For additional commands, e-mail: dev-help@subversion.tigris.org
Received on Fri Aug 5 21:06:41 2005