Is it secure to send strace log to third-party person?

0

I have some specific software - a console to access remote equipment. At some time it's UI starts to slow down too much (not because lack of resources but because some bug in that program). Developer asked me to give him an strace log in that particular moment. I've done such log, but for now I'm worrying if there is some private data (logins, passwords, ips) which I cannot provide to third-party person. So I have my question - do strace log contains such information? And if so can I remove it and how? I tried to look through logfile I've made. but found nothing familiar. Need some help in that question.

user334

Posted 2016-01-05T19:41:52.910

Reputation: 1

Answers

0

A full strace log will include all of the data that the process reads and writes, possibly in hex.  ISTR that the default is to show only the first few bytes of each data transfer.  Assuming that you know some specific sensitive data, try converting the first few bytes of it to hex and searching the log for that.

If you trace only a period of time, the log will (obviously) include only what happened during that time; similarly, you can trace the entire execution of the process and then edit the log file down to only the critical period.  You can further restrict it, by command-line options, not to show reads and writes at all, but the result might not be useful at all for the developer.

G-Man Says 'Reinstate Monica'

Posted 2016-01-05T19:41:52.910

Reputation: 6 509

Asked: 2016-01-05T19:41:52.910

Viewed: 59 times

Active: 2016-01-05T20:06:11.103