May 11, 2014 12:28AM
I read the StackOverflow thread and it seems there are 2 teams ping-ponging
the problem:
- One says that it is a terminal problem and that control and escape
sequences should not be executed
- The other says that those features are userful and say that log files are
supposed to be text-only, thus readable safely in a terminal (no control
character should be there)

The advisory stands from the second point of view, which I tend to agree
with. If logs cannot be trusted, which are supposed to be filled wikth
text, then everything around monitoring (reading, parsing, copying) becomes
a nightmare.

What is the benefit of having those unescaped control characters in a log
file? Escaping them allows you to warn about their presence safely... and
that is directly exploitable by anything, once again safely.
*B. R.*
nginx mailing list
Subject Author Posted

Strange advisory

B.R. May 10, 2014 03:02PM

Re: Strange advisory

x64architecture May 10, 2014 03:42PM

RE: Strange advisory

Lukas Tribus May 10, 2014 03:46PM

Re: Strange advisory

B.R. May 11, 2014 12:28AM

Re: Strange advisory

itpp2012 May 11, 2014 05:12AM

Re: Strange advisory

Valentin V. Bartenev May 13, 2014 04:24AM

Re: Strange advisory

B.R. May 13, 2014 09:46AM

Sorry, only registered users may post in this forum.

Click here to login

Online Users

Guests: 337
Record Number of Users: 8 on April 13, 2023
Record Number of Guests: 421 on December 02, 2018
Powered by nginx      Powered by FreeBSD      PHP Powered      Powered by MariaDB      ipv6 ready