[FEATURE REQUEST] Paranoid logging mode

Question

[FEATURE REQUEST] Paranoid logging mode

nitnelave opened this issue 6 months ago · 0 comments

Motivation
Most people don't want to share actual domain names/user names/emails when reporting an issue. Yet they appear in the logs. In general though, they are useful for an admin: they want the actual information. We need something to sanitize the logs before sharing them.

Describe the solution you'd like
I can think of 2 ways to do it:

the intrusive way, with an LLDAP config option that affects everything that gets logged, in depth. That would likely require rewriting debug representations for almost every struct we manipulate, not great.
the post-processing way: a bunch of regex, guided by the configuration, to remove common known patterns of information leak, potentially replacing them with stable obfuscated identifiers (so that we can still correlate them). Maybe as an LLDAP subcommand rather than a separate tool so that it would read the config? Although the values we read are few and stable, it's probably better to just make it a separate tool. This can potentially miss values to sanitize, though.