[Python-Dev] Re: privacy in log files?

Guido van Rossum guido@python.org
Wed, 19 Feb 2003 16:24:06 -0500


> They have to be group nobody or nogroup (depending on distribution)
> and group readable. World readable is not needed.

Though that is usually the intention of those groups...

> > So I'm still not convinced.  Or are there sites that
> > actually publish their log files on the web?  What would the point of
> > that be?  I'd be surprised if there wasn't a lot of other
> > privacy-sensitive data in such log files, and the complainers should
> > complain about the public logs rather than focusing on Python trying
> > to issue a useful error message.
> 
> True, but why stir up more noise ? The whole idea in itself
> has already caused endless discussions.

The fact that people are concerned about privacy doesn't mean they
aren't wrong.

> The message now prints the file name and the line number. I think
> that's good enough.
>
> BTW, there's also another reason not to print the source code line:
> since we know it contains non-ASCII data, it would clutter up the
> log file, possibly making it useless to other programs reading
> it. The same it true for interactive terminal sessions that could
> start to behave in strange ways after printing what they think are
> control characters.

Now that's a reason I can support.

--Guido van Rossum (home page: http://www.python.org/~guido/)