10 lines
920 B
Plaintext
10 lines
920 B
Plaintext
== Ask Yourself Whether
|
|
|
|
* unauthorized users might have access to the logs, either because they are stored in an insecure location or because the application gives access to them.
|
|
* the logs contain sensitive information on a production server. This can happen when the logger is in debug mode.
|
|
* the log can grow without limit. This can happen when additional information is written into logs every time a user performs an action and the user can perform the action as many times as he/she wants.
|
|
* the logs do not contain enough information to understand the damage an attacker might have inflicted. The loggers mode (info, warn, error) might filter out important information. They might not print contextual information like the precise time of events or the server hostname.
|
|
* the logs are only stored locally instead of being backuped or replicated.
|
|
|
|
There is a risk if you answered yes to any of those questions.
|