auth.idl: mark confidential attributes as [noprint]
Stefan (metze) Metzmacher
metze at samba.org
Fri Jun 15 03:41:29 MDT 2012
Hi,
>> via 8cca7b0 s3:smb2_server: remember the request_time on an incoming request
>> via d8b3687 s3:smbd: remember the request_time on an incoming request
>> via 59733d9 heimdal:lib/hdb: <config.h> needs to be the first header
>> via 8d3a291 auth.idl: mark confidential attributes as [noprint]
>> from b27f888 s3:vfs: change files_struct.fnum from int to uint64_t
>>
>> http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master
>>
>
>> commit 8d3a2914d8dfae4b9e4e9537aea87748d5456bb4
>> Author: Stefan Metzmacher <metze at samba.org>
>> Date: Thu Jun 14 17:52:23 2012 +0200
>>
>> auth.idl: mark confidential attributes as [noprint]
>>
>> We should allow NDR_PRINT_DEBUG() to log them.
>>
>> TODO: we could add some more magic which logs it at level 100.
>>
>> metze
>
> We need to do a similar thing in LDB, so that attributes hidden over
> ldap (the passwords essentially) are not included in the logs. Too
> often I've been sent someone's krbtgt keys in a log I've asked for.
maybe also things from netlogon.idl, samr.idl, lsa.idl and drsuapi.idl
metze
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 262 bytes
Desc: OpenPGP digital signature
URL: <http://lists.samba.org/pipermail/samba-technical/attachments/20120615/64e5ffa9/attachment.pgp>
More information about the samba-technical
mailing list