UNCLASSIFIED Yes, ideal solution. I agree DEBUG should show all...but having the passwords in clear text in the logs is generally undesirable.
Thanks Hugh. -Keith -----Original Message----- From: Hugh Irvine [mailto:[email protected]] Sent: Monday, 13 October 2014 10:35 AM To: Keith Morrell Cc: Alan Buxey; Vangelis Kyriakakis; Radiator Subject: Re: [RADIATOR] Hiding the LDAP Password attribute on Trace level 4 [SEC=UNCLASSIFIED] Hi all - We discussed this at length many times over the years and our decision was always that "DEBUG" meant show everything that is going on, otherwise debugging is very hard. I suppose we could consider two levels: "DEBUG" as it is now, and "DEBUGWITHOUTPASSWORDS" with passwords obscured. Thoughts? regards Hugh On 13 Oct 2014, at 08:57, Keith Morrell <[email protected]> wrote: > UNCLASSIFIED > > We use debug level 4 on all our subprocesses (we use radiator proxies for > front ends) to gather detailed data about what's going on - it's just the way > we like it. > > Personally, I think showing any passwords in clear text in logs is > generally not a good idea... > > -Keith > > > From: Alan Buxey [mailto:[email protected]] > Sent: Monday, 13 October 2014 8:49 AM > To: Keith Morrell; Vangelis Kyriakakis; Radiator > Subject: Re: [RADIATOR] Hiding the LDAP Password attribute on Trace > level 4 [SEC=UNCLASSIFIED] > > Why would you be running in this mode? Surely only debug level that > high for debugging? And how could you be sure that the issue want due > to incorrect password? ;) > > alan > _______________________________________________ > radiator mailing list > [email protected] > http://www.open.com.au/mailman/listinfo/radiator -- Hugh Irvine [email protected] Radiator: the most portable, flexible and configurable RADIUS server anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald, Platypus, Freeside, TACACS+, PAM, external, Active Directory, EAP, TLS, TTLS, PEAP, TNC, WiMAX, RSA, Vasco, Yubikey, MOTP, HOTP, TOTP, DIAMETER, SIM, etc. Full source on Unix, Linux, Windows, MacOSX, Solaris, VMS, NetWare etc. _______________________________________________ radiator mailing list [email protected] http://www.open.com.au/mailman/listinfo/radiator
