james-server-dev mailing list archives

From Paul Hammant <Paul_Hamm...@yahoo.com>
Subject Re: Local security issue?
Date Fri, 07 Jun 2002 21:41:13 GMT
Noel J. Bergman wrote:

>Paul,
>
>>Perhaps passwords should not be echoed to the log.
>
>LOL No kidding.  :-) My initial thought was to alert *current* users of the
>potential problem, and advise them of steps they could take immediately.
>
>The code can be changed.  As it stands, logging is at a point where it is
>just echoing back the command entered
>
>    private boolean parseCommand(String commandRaw) {
>        if (commandRaw == null) return false;
>        getLogger().info("Command received: " + commandRaw);
>	...
>
>We haven't gotten to the code that does the parsing, so we don't yet know
>that the line IS a password.
>
Ahhh OK :-)

Well, either way, the user community must believe that JAMES will never 
journal/log passwords or they'll depart to other servers.

>
>I can move the log statement to after we parse out the verb.  FWIW, I also
>believe that this should be DEBUG, not INFO.
>
>Anyone object to these changes?
>

There is some wisdom that user ids should not be logged on failure of 
auth, as they might have been transposed with passwords by a hapless 
user.  Of course, if there are say 5 attempts with the same user id (and 
failing) then it is evidence of hacking and thus should be logged.

-ph

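An added illustration of the two points raised in this exchange (example code written for this archive page, not James code): the command line is logged only after the verb is parsed, with credential-bearing arguments redacted, and a user id is written to the log only once the same id has failed authentication repeatedly. The verb names (POP3 USER/PASS/APOP, SMTP AUTH), the threshold of 5 and the class name are assumptions taken from the thread.

```java
import java.util.HashMap;
import java.util.Locale;
import java.util.Map;
import java.util.Set;

// Hypothetical helper, not part of James: decides what a command parser
// may write to the journal.
public class CommandLogFilter {
    // Verbs whose argument may carry a credential. USER is included because a
    // hapless user may type the password there (the transposition described
    // in the thread). Assumed verb set; adapt to the protocol being served.
    private static final Set<String> SECRET_VERBS = Set.of("USER", "PASS", "APOP", "AUTH");
    // Number of failures for one id after which the pattern itself is worth logging.
    private static final int FAILURE_THRESHOLD = 5;
    private final Map<String, Integer> failures = new HashMap<>();

    // Returns the DEBUG-level line for a received command. The verb is logged
    // only after parsing, and arguments of credential-bearing verbs are
    // replaced so a password never reaches the log.
    public static String forLog(String commandRaw) {
        if (commandRaw == null) return null;
        String trimmed = commandRaw.trim();
        int space = trimmed.indexOf(' ');
        String verb = (space < 0 ? trimmed : trimmed.substring(0, space)).toUpperCase(Locale.ROOT);
        if (SECRET_VERBS.contains(verb)) {
            return "Command received: " + verb + " <redacted>";
        }
        return "Command received: " + trimmed;
    }

    // Records a failed authentication. A single failure logs nothing, since the
    // "user id" may really be a mistyped password; once the same id has failed
    // FAILURE_THRESHOLD times the repetition is the evidence, so a line is returned.
    public String recordAuthFailure(String userId) {
        int count = failures.merge(userId, 1, Integer::sum);
        if (count >= FAILURE_THRESHOLD) {
            return "Repeated authentication failures (" + count + ") for user id: " + userId;
        }
        return null;
    }

    public static void main(String[] args) {
        CommandLogFilter f = new CommandLogFilter();
        System.out.println(forLog("NOOP"));          // logged verbatim
        System.out.println(forLog("PASS hunter2"));  // constructed sample; password never appears
        for (int i = 0; i < FAILURE_THRESHOLD; i++) {
            String line = f.recordAuthFailure("alice");  // constructed sample id
            if (line != null) System.out.println(line);  // printed only on the 5th failure
        }
    }
}
```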


--
To unsubscribe, e-mail:   <mailto:james-dev-unsubscribe@jakarta.apache.org>
For additional commands, e-mail: <mailto:james-dev-help@jakarta.apache.org>

