CONTEXT
I have a web app and I catch my exception globally to log them into a file inside my app (/app/log/app.log
). A public folder make impossible to browse outside as it is mounted to be served to the client (/public/index.php
).
I also use a modified version of Exception::getTraceAsString()
, which let me have the full strings instead of PHP truncating the strings in this trace (the code is really trivial, I will not put the class here because it is not relevant for the question I am asking).
Here is an example of what my app.log
file looks like:
2018-06-10 14:33:12.7016 (+02:00) [ERRO] Error of type PDOException catched
2018-06-10 14:33:12.7020 (+02:00) [DBUG] Error catched on line 22 of file C:\xampp\htdocs\my-app\app\bootstrap\database.php
2018-06-10 14:33:12.7026 (+02:00) [DBUG] #0 [internal function]: PDO->__construct('mysql:host=localhost;dbname=test;port=3306;adapter=;prefix=', 'root', '', Array)
2018-06-10 14:33:12.7028 (+02:00) [DBUG] #1 [internal function]: Phalcon\Db\Adapter\Pdo->connect(Array)
2018-06-10 14:33:12.7031 (+02:00) [DBUG] #2 C:\xampp\htdocs\my-app\app\bootstrap\database.php(22): Phalcon\Db\Adapter\Pdo->__construct(Array)
2018-06-10 14:33:12.7034 (+02:00) [DBUG] #3 C:\xampp\htdocs\my-app\public\index.php(7): include('C:\xampp\htdocs\my-app\app\bootstrap\database.php')
Knowing that i would like to dispose of those information outside my app, let us say SaaS service for storing and searching across various log destinations (which might potentially be visible by employee of the SaaS system).
PROBLEM
As you can see, my app.log
can sometimes contains sensible content like passwords.
QUESTION
Is there a state-of-the-art way to handle the sensibility of the content in our log traces?
Also, what about the security regarding the fact that absolute paths are visible in our logs?
Is there a state-of-the-art way to handle the sensibility of the content in our log traces?
Also, what about the security regarding the fact that absolute paths are visible in our logs?
The best thing you can do here is to encrypt the logs with a public key, for which the corresponding secret key is only known to your operations team and/or developers.
That is to say, I recommend using a sealing API to encrypt the log information.
Since you asked about state-of-the-art, I would specifically recommend sodium_crypto_box_seal()
/ sodium_crypto_box_seal_open()
here. (PHP 7.2+)
Collected from the Internet
Please contact [email protected] to delete if infringement.
Comments