Demo Discussion
Forum Config Examples Contributions Vulnerabilities
  Discussion forum about ELOG  Not logged in ELOG logo
 Back  |  Find  |  Login  |  Help 
icon4.gif   obfuscate password in verbose logging, posted by Mark Bergman on Thu Apr 26 23:57:04 2012 
    icon2.gif   Re: obfuscate password in verbose logging, posted by Mark Bergman on Fri Apr 27 00:29:56 2012 
Message ID: 67254     Entry time: Fri Apr 27 00:29:56 2012     In reply to: 67253
Icon: Reply  Author: Mark Bergman  Author Email: mark.bergman@uphs.upenn.edu 
Category: Request  OS: Linux  ELOG Version: 2.9.1 
Subject: Re: obfuscate password in verbose logging  
> I'd suggest that the "-v" option hide passwords. If they need to be revealed for debugging

As a work around, I've changed the elogd startup script to do:

        /usr/local/sbin/elogd -v -c /usr/local/elog/elogd.cfg 2>&1 | perl -ne '$|=1; if ( $_ =~ /name="upassword"/
) {<>; <>;} else { print "$_";}' > /var/log/elog 2>&1 &

That simply throws away lines that match the pattern:

    name="upassword"

and the following 2 lines (the last of which contains the password).
ELOG V3.1.5-fe60aaf