(draft) Privacy by design - offer more convenient way to anonymize IPs in access log by default

Christian Theune
September 16, 2020 11:30AM
Hi!

First time posting here. I started working on a built-in way for nginx to provide GDPR-conforming access logs reliably by default:

https://github.com/nginx/nginx/compare/branches/stable-1.18...flyingcircusio:ctheune-anonymize-by-default

This isn’t ready to be merged at this point as it suffers at least from two things:

a) I’m not a C programmer by nature and might be making stupid mistakes. This is “monkey see monkey do code”.

b) You likely do not want to have this on by default for everyone, so I’m expecting that this requires a config option (runtime or compile, with a slight preference to runtime from me).
The new built-in variable remote_addr_anon should be available by default in any case, though.

Some background: we tried implementing this purely by using a mapping approach, but this doesn’t make it a proper default as everybody defining an access log has to mention the proper format or accidentally IPs will leak. This happens over and over and we’d prefer a “privacy by design” approach very much.

There is a trac ticket (https://trac.nginx.org/nginx/ticket/868) that already discusses this, however the .1 is IMHO not a good approach to recommend as it suggests a real IP whereas our impression is that nulling the last byte in IPv4 and nulling the last 8 bytes in IPv6 is the proper approach and it’s directly visible that this is an anonymized IP.

Let me know what you think about this and - if you’d like to see this in the mainstream code - I’d appreciate it if you give me the necessary hints to bring this code to the level of quality that is proper for nginx.

Kind regards,
Christian

--
Christian Theune · ct@flyingcircus.io · +49 345 219401 0
Flying Circus Internet Operations GmbH · http://flyingcircus.io
Leipziger Str. 70/71 · 06108 Halle (Saale) · Deutschland
HR Stendal HRB 21169 · Geschäftsführer: Christian Theune, Christian Zagrodnick

_______________________________________________
nginx-devel mailing list
nginx-devel@nginx.org
http://mailman.nginx.org/mailman/listinfo/nginx-devel
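
The masking rule proposed in the post above (zero the last byte of an IPv4 address, the last 8 bytes of an IPv6 address), as an added example that is not part of the original post or of the linked patch. `anonymize_ip` is a hypothetical helper, the sample addresses are constructed, and the handling of IPv4-mapped IPv6 addresses is an assumption the post does not cover.

```c
#include <arpa/inet.h>
#include <netinet/in.h>
#include <stdio.h>
#include <string.h>

/* Hypothetical helper (not nginx code): writes the anonymized text form of
 * `in` to `out`. Returns 0 on success, -1 if `in` is not an IPv4/IPv6
 * literal or `out` is too small. */
int anonymize_ip(const char *in, char *out, size_t outlen)
{
    struct in_addr  a4;
    struct in6_addr a6;

    if (inet_pton(AF_INET, in, &a4) == 1) {
        /* s_addr is in network byte order: clear the last octet */
        a4.s_addr &= htonl(0xffffff00);
        return inet_ntop(AF_INET, &a4, out, (socklen_t) outlen) ? 0 : -1;
    }
    if (inet_pton(AF_INET6, in, &a6) == 1) {
        if (IN6_IS_ADDR_V4MAPPED(&a6)) {
            /* ::ffff:a.b.c.d is an IPv4 client seen on a dual-stack socket.
             * Zeroing the last 8 bytes would turn every such client into
             * "::", so (assumption) apply the IPv4 rule instead. */
            a6.s6_addr[15] = 0;
        } else {
            /* clear the last 8 bytes of the address */
            memset(&a6.s6_addr[8], 0, 8);
        }
        return inet_ntop(AF_INET6, &a6, out, (socklen_t) outlen) ? 0 : -1;
    }
    return -1;   /* not an IP literal: the caller decides what to log */
}

int main(void)
{
    /* constructed sample addresses (documentation ranges) */
    const char *samples[] = { "203.0.113.77", "2001:db8:85a3::8a2e:370:7334",
                              "::ffff:198.51.100.23", "not-an-ip" };
    char buf[INET6_ADDRSTRLEN];

    for (size_t i = 0; i < sizeof(samples) / sizeof(samples[0]); i++) {
        if (anonymize_ip(samples[i], buf, sizeof(buf)) == 0)
            printf("%-30s -> %s\n", samples[i], buf);
        else
            printf("%-30s -> (rejected)\n", samples[i]);
    }
    return 0;
}
```

A trailing `.0` or `::` makes the masking visible in the log line, which is the property the post asks for.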