Greetings,
* Andres Freund (andres@anarazel.de) wrote:
> On September 27, 2018 2:55:56 PM PDT, Stephen Frost <sfrost@snowman.net> wrote:
> >* Andres Freund (andres@anarazel.de) wrote:
> >> On 2018-09-27 17:41:56 -0400, Stephen Frost wrote:
> >> > Of course, if I'm missing something as to why the ascii-cleaning
> >makes
> >> > sense or is necessary, I'm all ears, but I'm just not seeing it.
> >>
> >> There's many reasons. For example you can send terminal control
> >> characters to the server. When somebody then looks at the log, you
> >can
> >> screw with them pretty good, unless they're always careful to go
> >through
> >> less (without -r). We should be *more* not *less* careful about this
> >> kind of hting.
> >
> >I seriously doubt we're going to start stripping usernames down to
> >ASCII
> >for them to be displayed in the log file.
>
> So? As you say, they are much more control from the a admins of the server. I guess at some point we should have
moreexpansive whitelisting than just ASCII, but that seems separate.
I still don't see that as a reason for tools to be suseptible to serious
issues if a funky user gets created and I'd be surprised if there
weren't other ways to get funky characters into the log file, but that's
all ultimately an independent issue from this. I'll add the comments as
discussed and discourage using the clean ascii function, but otherwise
keep things as-is in that regard.
Thanks!
Stephen
