Zegnat
https://github.com/Zegnat
•
Apr 25
This totally slipped me by, so here we go. I do like the idea of logging things, and syslog() is probably the best solution unless we want to pull in something like PSR-3. More thoughts:
- I would not turn any logging on by default. I do think logging IPs with authentication requests makes sense, and I would simply never want to log any IPs by default. Especially when people running this on shared hosts might be feeding it into logs they themselves cannot clear.
LOG_FAILED_PASSWORDSsounds like a nice-to-have that needs massive disclaimers around it. We can’t work on the assumption that everyone is using a password manager. This means people are typing their passwords, and typos happen. This option sounds good, but if you over time fill logs with deviations of your real password, you better be making sure you are purging those logs real good. (Of course again with the problem thatsyslog()may be out of reach to the user who unwittingly turned this on.)
I can almost see us strategically dropping these into the source code, but commented. Anyone who understands syslog() and wants to use it to trip up other alarm bells on a server, will probably be OK uncommenting a couple of functions. Even if they aren’t well versed with PHP. This will at least keep it out of the hands of users who cannot see the possible side-effects.
Like the idea, just not sure how to execute it without giving users some flags in the config with huge warning disclaimers. And I don’t like warning disclaimers in what is supposed to be a simple single-purpose thing.
