On 2/24/2012 4:26 AM, Swifty wrote:
> Bug 3274050 seems to have ground to a halt... fixed, but pending.
>
> It's not fixed in my tests of the 4.1.1 beta, and since this is the
> only one of my bugs which persists, it's the fly in my ointment.
>
> One consequence of this is a security exposure for me. I have a log
> file which has to be a+w so all processes can add log entries.
> However, it also has to be a+r as well, which means that processes can
> read each others log entries.
>
> I try to keep sensitive information out of the log, but it cannot be
> guaranteed...
>
The fix for this bug was accidentally omitted from the beta. We'll spin
a second beta version soon with the fix included.

Rick