diff options
author | Marek Majkowski <marek@popcount.org> | 2013-06-13 17:29:14 +0100 |
---|---|---|
committer | Nick Mathewson <nickm@torproject.org> | 2013-06-24 11:22:34 -0400 |
commit | 10480dff01bece13fabb1d81fa847f95c3e839f0 (patch) | |
tree | 4b143ccc3ec42d6e04f46bab49eef57641b7d3bb | |
parent | 097f257078070eb1ebe2795550a813242d7ebdb2 (diff) | |
download | tor-10480dff01bece13fabb1d81fa847f95c3e839f0.tar.gz tor-10480dff01bece13fabb1d81fa847f95c3e839f0.zip |
Fix #5584 - raise awareness of safer logging - warn about potentially unsafe config options
-rw-r--r-- | changes/bug5584 | 4 | ||||
-rw-r--r-- | src/or/config.c | 15 |
2 files changed, 19 insertions, 0 deletions
diff --git a/changes/bug5584 b/changes/bug5584 new file mode 100644 index 0000000000..a81be00ae4 --- /dev/null +++ b/changes/bug5584 @@ -0,0 +1,4 @@ + o Minor features: + - Raise awareness of safer logging - notice user of potentially + unsafe configuration options: logging above "notice" or + clearning SafeLogging flag. Fixes #5584. diff --git a/src/or/config.c b/src/or/config.c index e3ffbf2086..09cbdcfbdb 100644 --- a/src/or/config.c +++ b/src/or/config.c @@ -1005,6 +1005,7 @@ options_act_reversible(const or_options_t *old_options, char **msg) int set_conn_limit = 0; int r = -1; int logs_marked = 0; + int old_min_log_level = get_min_log_level(); /* Daemonize _first_, since we only want to open most of this stuff in * the subprocess. Libevent bases can't be reliably inherited across @@ -1153,6 +1154,13 @@ options_act_reversible(const or_options_t *old_options, char **msg) control_adjust_event_log_severity(); tor_free(severity); } + if (get_min_log_level() >= LOG_INFO && + get_min_log_level() != old_min_log_level) { + log_warn(LD_GENERAL, "Your log may contain sensitive information - you're " + "logging above \"notice\". Please log safely. Don't log unless " + "it serves an important reason. Overwrite the log afterwards."); + } + SMARTLIST_FOREACH(replaced_listeners, connection_t *, conn, { log_notice(LD_NET, "Closing old %s on %s:%d", @@ -1335,6 +1343,13 @@ options_act(const or_options_t *old_options) } #endif + if (options->SafeLogging_ != SAFELOG_SCRUB_ALL && + (!old_options || old_options->SafeLogging_ != options->SafeLogging_)) { + log_warn(LD_GENERAL, "Your log may contain sensitive information - you " + "disabled SafeLogging. Please log safely. Don't log unless it " + "serves an important reason. Overwrite the log afterwards."); + } + if (options->Bridges) { mark_bridge_list(); for (cl = options->Bridges; cl; cl = cl->next) { |