[Zope-Coders] new zLOG

Wed, 4 Dec 2002 15:11:13 -0500 (EST)

On 2 Dec 2002, Chris McDonough wrote:
> The obvious fallback would be to turn logging off completely until it's
> enabled by the sysadmin... Zope 2 did this for a long time, but it
> proved very painful.

Would that really improve the security stance?  The most likely
thing for a hacker to do is simply delete the log files, which seems
to me to be a similar result to not having them in the first place
<grin>.  So logging by default to a file seems acceptable in this
context.

--RDM