On 14/06/14 21:26, Wietse Venema wrote:
> 124522602BB: info: header Subject: This is a very long long header,
> which spans through several lines? in the MIME source and will serve to
> demonstrate that Postfix header_checks? is a little buggy, introducing
> spurious questi
> Naive people log long message headers in their entirety and with
> control characters left in place. Experienced know better.

Juan Luis Boya García:
> Experienced people know better, fine. So, what would experienced
> people do instead?

Experienced people do what I did: they restrict the amount of text
that is written per logfile entry, and they restrict the alphabet
that is allowed. They also try to limit the number of records that
can be written in a session, all this in order to thwart logfile
flooding attacks.

There have been security vulnerabilities where logfiles contained
carriage-return characters so that already-logged information would
be overwritten when viewed with a glass tty or bit-mapped display.

There have also been security vulnerabilities where escape character
sequences caused terminal emulators (xterm, etc.) to do interesting
things.

Wietse
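
The three limits described in the reply above (text per entry, allowed alphabet, records per session), as an added C example that is not Postfix source and not part of the original message. The function names, `LOG_TEXT_MAX` and `LOG_SESSION_MAX` are assumptions, and the header in `main` is constructed sample input.

```c
#include <stdio.h>
#include <string.h>

#define LOG_TEXT_MAX    60   /* assumed cap on text per entry, in bytes */
#define LOG_SESSION_MAX 3    /* assumed cap on records per session */

struct log_session { unsigned records; };

/* Copy src into dst, keeping at most dstlen-1 bytes and replacing every
 * byte outside printable ASCII (CR, LF, ESC, 8-bit, ...) with '?'. */
size_t sanitize_log_text(char *dst, size_t dstlen, const char *src)
{
    size_t n = 0;
    if (dstlen == 0)
        return 0;
    for (; src[n] != '\0' && n + 1 < dstlen; n++) {
        unsigned char c = (unsigned char) src[n];
        dst[n] = (c >= 0x20 && c <= 0x7e) ? (char) c : '?';
    }
    dst[n] = '\0';
    return n;
}

/* Write one sanitized record; return 0 once the session quota is spent. */
int log_record(struct log_session *s, FILE *out, const char *text)
{
    char buf[LOG_TEXT_MAX + 1];
    if (s->records >= LOG_SESSION_MAX)
        return 0;
    s->records++;
    sanitize_log_text(buf, sizeof(buf), text);
    fprintf(out, "info: header %s\n", buf);
    return 1;
}

int main(void)
{
    /* Constructed header: folded line, CR overwrite, xterm title escape. */
    const char *hdr = "Subject: long header,\n which spans lines\rOK"
                      "\033]0;owned\007 and keeps going well past the cap";
    struct log_session s = { 0 };
    for (int i = 0; i < 5; i++)
        if (!log_record(&s, stderr, hdr))
            fprintf(stderr, "info: further records suppressed\n");
    return 0;
}
```

Replacing disallowed bytes with `?` and cutting the entry at a fixed length is what produces the stray question marks and the truncated tail in the quoted log line.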