On 14/06/14 22:58, Wietse Venema wrote:
> Juan Luis Boya García:
>> Experienced people know better, fine. So, what would experienced
>> people do instead?
> Experienced people do what I did: they restrict the amount of text
> that is written per logfile entry, and they restrict the alphabet
> that is allowed. They also try to limit the number of records that
> can be written in a session, all this in order to thwart logfile
> flooding attacks.
>
> There have been security vulnerabilities where logfiles contained
> carriage-return characters so that already-logged information would
> be overwritten when viewed with a glass tty or bit-mapped display.
>
> There have also been security vulnerabilities where escape character
> sequences caused terminal emulators (xterm, etc.) to do interesting
> things.
>
> Wietse

Well, Postfix already cuts the header to a fixed length (as you can see in the example). And I find that fine.

Also, I don't pretend to record carriage return characters as part of my log messages. Indeed, I say they should be omitted in the circumstances specified by RFC 2822 section 2.2.3 (Long Header Fields).

Juan Luis.
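
Added example, not part of the original thread and not Postfix code: a C sketch of the three limits described in the quoted message (text per entry, allowed alphabet, records per session) combined with the RFC 2822 section 2.2.3 unfolding mentioned in the reply. The names `log_sanitize`, `session_log`, `MAX_TEXT` and `MAX_RECORDS`, the limit values and the `?` replacement character are assumptions made for illustration.

```c
#include <stdio.h>
#include <string.h>

#define MAX_TEXT ((size_t)60) /* assumed cap on text per log record */
#define MAX_RECORDS 3         /* assumed cap on records per session */

struct log_session { int records; };

/* Copy src into dst for logging. Folded line breaks (CRLF followed by
 * space or tab, RFC 2822 section 2.2.3) are dropped; any other byte
 * outside printable ASCII 0x20..0x7e becomes '?', so bare CR, LF and
 * ESC never reach the log. Output stops at MAX_TEXT characters. */
size_t log_sanitize(const char *src, char *dst, size_t dstsz)
{
    size_t n = 0, cap;
    if (dstsz == 0) return 0;
    cap = dstsz - 1 < MAX_TEXT ? dstsz - 1 : MAX_TEXT;
    for (size_t i = 0; src[i] != '\0' && n < cap; i++) {
        unsigned char c = (unsigned char)src[i];
        if (c == '\r' && src[i + 1] == '\n'
            && (src[i + 2] == ' ' || src[i + 2] == '\t')) {
            i++;  /* unfold: skip CRLF, keep the whitespace */
            continue;
        }
        dst[n++] = (c >= 0x20 && c <= 0x7e) ? (char)c : '?';
    }
    dst[n] = '\0';
    return n;
}

/* Write one sanitized record; returns 0, or -1 once the session has
 * used its record quota (guard against logfile flooding). */
int session_log(struct log_session *s, const char *text, FILE *out)
{
    char buf[MAX_TEXT + 1];
    if (s->records >= MAX_RECORDS) return -1;
    s->records++;
    log_sanitize(text, buf, sizeof buf);
    fprintf(out, "header: %s\n", buf);
    return 0;
}

int main(void)
{
    struct log_session s = {0};
    /* Constructed sample inputs, not taken from a real message. */
    session_log(&s, "Subject: hello\r\n world", stdout);
    session_log(&s, "Subject: ok\rOVERWRITE \x1b[2Jclear", stdout);
    return 0;
}
```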