Forum: Ruby on Rails Logging of Form information in production environment.

Sean Wolfe (Guest)
on 2005-12-19 04:15
(Received via mailing list)
It seems that in the default Production environment, Rails logs posted
form data. Isn't this a security risk? Especially since a user
creation form puts this in the logfile:

Processing Base#index (for 127.0.0.1 at 2005-12-18 21:03:33) [POST]
  Parameters: {"user"=>{"password_confirmation"=>"mypassword",
"username"=>"seanwolfe", "lastname"=>"Wolfe", "firstname"=>"Sean",
"form"=>"edit", "password"=>"mypassword",
"email"=>"nobody@nowhere.com"}, "commit"=>"Signup"}

I'm not totally familiar with all the logging features, but for a
production environment shouldn't this be off by default?

--
Sean Wolfe
master nerd of
i heart squares, Co.

3711 N. Ravenswood Ave. #147 Chicago, IL 60613
Ph. (773) 531-6301  Fx. (773) 529-7041
http://www.iheartsquares.com
Lou Vanek (Guest)
on 2005-12-19 12:32
(Received via mailing list)
Yes, it's a security risk, but you can get some protection
by just changing the access level on the logs.
On Unix, it might be this,
   chmod 600 *.log
or apply this to the entire log directory.
Also, run your rails app with a special user account that has
minimal privileges.
Make sure code and db schema aren't world readable--that is
as much of a security threat as open passwords.
If the data you are collecting is sensitive and there is more
than one person who has password access to the logs you should
wrap sensitive db activity with,
   ActiveRecord::Base.silence
to have the logger temporarily turned off.
Ezra Zygmuntowicz (Guest)
on 2005-12-19 19:39
(Received via mailing list)
Also in production mode I usually don't want any of that stuff in
there since my apps are already tested and such. So I set the log
level to fatal and then all you get in the production logs is stack
traces when an exception happens. Also if you leave the logs at the
default level, they will quickly get huge.

Cheers-
-Ezra


-Ezra Zygmuntowicz
Yakima Herald-Republic
WebMaster
http://yakimaherald.com
509-577-7732
ezra@yakima-herald.com
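A small Ruby check, added here and not code from the thread or from Rails, that scans production.log lines in the format Sean posted for unfiltered sensitive parameters and redacts them in place, which is the kind of filtering later Rails versions do themselves. The sample log, the key list and the function names are constructed for the example.

```ruby
# Constructed sample of the Rails 1.x production.log lines discussed in the thread.
SAMPLE_LOG = <<~LOG
  Processing Base#index (for 127.0.0.1 at 2005-12-18 21:03:33) [POST]
    Parameters: {"user"=>{"password_confirmation"=>"mypassword", "username"=>"seanwolfe", "password"=>"mypassword", "email"=>"nobody@nowhere.com"}, "commit"=>"Signup"}
  Processing Base#index (for 127.0.0.1 at 2005-12-18 21:04:10) [GET]
    Parameters: {"id"=>"42"}
LOG

# Parameter names (substring match, case-insensitive) whose values must never be logged.
SENSITIVE_KEYS = %w[password password_confirmation token secret].freeze

# Matches one "key"=>"value" pair from the Hash#inspect output Rails writes after
# "Parameters:", but only when the key contains a sensitive name. Values are
# inspect()-quoted strings, so escaped quotes inside a value are consumed by \\. .
PAIR_RE = /"([^"]*(?:#{SENSITIVE_KEYS.join('|')})[^"]*)"=>"((?:\\.|[^"\\])*)"/i

# Replace every sensitive value on one log line with a fixed marker.
def redact_line(line)
  line.gsub(PAIR_RE) { %("#{$1}"=>"[FILTERED]") }
end

# Audit helper: returns [line_number, key] for every sensitive value that is
# still readable in the log, so an empty result means the log is clean.
def find_leaks(log_text)
  log_text.each_line.with_index(1).flat_map do |line, n|
    next [] unless line.include?("Parameters:")
    line.scan(PAIR_RE).reject { |_k, v| v == "[FILTERED]" }.map { |k, _v| [n, k] }
  end
end

# Redact a whole log file's worth of text, line by line.
def redact_log(log_text)
  log_text.each_line.map { |l| redact_line(l) }.join
end

if $PROGRAM_NAME == __FILE__
  find_leaks(SAMPLE_LOG).each { |n, k| puts "line #{n}: unfiltered value for #{k}" }
  puts redact_log(SAMPLE_LOG)
end
```

Running find_leaks over an existing production.log is the quickest way to see whether the chmod and log-level advice above came too late for data already on disk.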