< Previous by Date	Date Index	Next by Date >
< Previous in Thread	Thread Index

RE: [reSIProcate] Message::operator<<

From: "Jason Fischl" <jason@xxxxxxxxxxxxxx>
Date: Mon, 19 Jul 2004 11:08:08 -0700

If you log to syslog (which is the default on linux), no binary content will
be output to the log. In the case of file-based logging, david's suggestion
will work.

Jason


> -----Original Message-----
> From: resiprocate-devel-bounces@xxxxxxxxxxxxxxxxxxx
> [mailto:resiprocate-devel-bounces@xxxxxxxxxxxxxxxxxxx]On Behalf Of
> Cullen Jennings
> Sent: Monday, July 19, 2004 10:49 AM
> To: Rohan Mahy; david Butcher
> Cc: ReSiprocate-sipfoundry
> Subject: Re: [reSIProcate] Message::operator<<
>
>
>
> I'm not going to explain it here but there are "bad" (read root
> compromise)
> things that happen on Sun and Linux if you allow the binary content of the
> message to get displayed (including stuff that may be valid Unicode). I
> recommend we do force logged output to be ascii printable
> characters one way
> or another.
>
> Cullen
>
>
> On 7/15/04 4:03 PM, "Rohan Mahy" <rohan@xxxxxxxxx> wrote:
>
> >
> > On Jul 15, 2004, at 2:40 PM, david Butcher wrote:
> >
> >>
> >> If we feel that strongly about it, we can do something inside logging.
> >> Forcing the cost onto the inserter in general seems wrong.
> >
> > agreed on both counts.
> >
> > thx,
> > -r
> >
> >>
> >> david
> >>
> >>> -----Original Message-----
> >>> From: Rohan Mahy [mailto:rohan@xxxxxxxxx]
> >>> Sent: Thursday, July 15, 2004 2:28 PM
> >>> To: david Butcher
> >>> Cc: resiprocate-devel@xxxxxxxxxxxxxxxxxxx; Rohan Mahy
> >>> Subject: Re: [reSIProcate] Message::operator<<
> >>>
> >>>
> >>> Hey,
> >>>
> >>> This really concerns me from a security point of view.  If there is
> >>> any
> >>> chance that an attacker can use a program that just writes out a
> >>> message to a log (for example) as an attack vector then I think we
> >>> should pay the performance penalty to protect the app developer.
> >>>
> >>> thx,
> >>> -r
> >>>
> >>> On Jul 15, 2004, at 1:19 PM, david Butcher wrote:
> >>>
> >>>> Hi all,
> >>>>
> >>>> I removed the the call to escaped() in Message::operator<<.
> >>>> This was an efficiency hit and breaks UTF-8.
> >>>>
> >>>> Apps calling only msg->encode(stream) are not exposed to this
> >>>> problem.
> >>>>
> >>>> We don't deal with %xx encoding on the read side anyway.
> >>>> I have some ideas about how to deal with this if any one needs to in
> >>>> the
> >>>> short term.
> >>>>
> >>>> Some of us have been careful to escape when outputting to the log.
> >>>> This change may reduce logging safety. If you want to encode a
> >>>> message
> >>>> going
> >>>> to the log,
> >>>> use << Data::from(*msg).escaped() rather than just << *msg.
> >>>>
> >>>> david
> >>>>
> >>>> _______________________________________________
> >>>> resiprocate-devel mailing list
> >>>> resiprocate-devel@xxxxxxxxxxxxxxxxxxx
> >>>> https://list.sipfoundry.org/mailman/listinfo/resiprocate-devel
> >>>
> >>>
> >
> > _______________________________________________
> > resiprocate-devel mailing list
> > resiprocate-devel@xxxxxxxxxxxxxxxxxxx
> > https://list.sipfoundry.org/mailman/listinfo/resiprocate-devel
>
>
> _______________________________________________
> resiprocate-devel mailing list
> resiprocate-devel@xxxxxxxxxxxxxxxxxxx
> https://list.sipfoundry.org/mailman/listinfo/resiprocate-devel
>

References:
- Re: [reSIProcate] Message::operator<<
  - From: Cullen Jennings

Prev by Date: Re: [reSIProcate] Message::operator<<
Next by Date: [reSIProcate] Out-of-Dialog OPTIONS Handling added to DUM
Previous by thread: Re: [reSIProcate] Message::operator<<
Next by thread: [reSIProcate] RE: resiprocate-devel Digest, Vol 3, Issue 14
Index(es):
- Date
- Thread