[Zope-Coders] new zLOG
Chris McDonough
chrism@zope.com
02 Dec 2002 13:37:47 -0500
The obvious fallback would be to turn logging off completely until it's
enabled by the sysadmin... Zope 2 did this for a long time, but it
proved very painful.
On Mon, 2002-12-02 at 12:44, R. David Murray wrote:
> On 27 Nov 2002, Chris McDonough wrote:
> > I recognize that this is not best practice as far as security goes, but
> > I think the responsibility is still in the right place: the sysadmin
> > must secure the installation to the best of his ability. As long as we
> > inform them of the risk of keeping the default settings, I think our job
> > is done.
> >
> > dissent?
>
> In particular, no. I understand that this is a hard problem to solve
> in a cross-platform way.
>
> As a general principle, though, I do disagree. Yes, technically
> it is the sysadmin's responsibility to secure his system appropriately.
> But a *lot* of the trouble we have in the Internet security world
> comes from the fact that this attitude is the norm, and a lot of
> inexperienced or incompetent sysadmins use the defaults and end up
> with vulnerable systems ("you need to change the default password
> on the database administrator's account" comes to mind here). *This*
> particular issue is not a huge one, since it has to do with forensic
> support rather than 'lock the door' support; so I don't see any
> problem with the proposed (not-as-secure-by-default) solution
> in this case.
>
> But in general I believe that all software should install by default
> in the most secure manner possible, and the docs should explain how
> to *relax* the security if the sysadmin deems it appropriate.
>
> --RDM
>
>
> _______________________________________________
> Zope-Coders mailing list
> Zope-Coders@zope.org
> http://lists.zope.org/mailman/listinfo/zope-coders