CodeBleu commented on issue #9512: URL: https://github.com/apache/cloudstack/issues/9512#issuecomment-2305893457
> the first issue with `access.log` has been discussed before users can redirect the file access.log to /dev/null as suggested by @DaanHoogland > > the second issue (vpn user password are displayed in management-server.log) seems to only impact vpn user. I was able to reproduce the issue. it may not deserve a security release. I will have a look > > cc @rohityadavcloud @DaanHoogland @sureshanaparti @DaanHoogland do you have the link to what @weizhouapache is talking about for the `access.log` to /dev/null? Depending on what that says, I'm not sure if that is an acceptable solution for me, because I want to see the `access.log`, but I don't want to see the passwords in it. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: commits-unsubscr...@cloudstack.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
