davidcoutadeur

Here is the status of audit feature. I have compiled LSC from master branch (1b800cc7), with openjdk 17. I have tested on a simple use case OpenLDAP -> OpenLDAP with...

The logback configuration seems more complete than audit. Here is the status of my tests about the logback configuration. I have compiled LSC from master branch (https://github.com/lsc-project/lsc/commit/1b800cc780fb50ad9330a80cda73bc307d479334), with openjdk 17....

Given the analysis above, I think the audit is redundant, and can be replaced by logback configuration. I am going to remove it.

- [x] Proposition of removal of audit logs is done in #288 - [x] removal of audit logs in documentation is done in PR: https://github.com/lsc-project/documentation/issues/7 - [ ] Need to...

Last point in the todo-list will be treated in a dedicated issue: #294 So current issue is to be closed.

In debian lsc packages, I have not found in reference to tmp directory in `/usr/bin/lsc`, nor `/etc/lsc/*` Maybe this problem is only present in source files.

Not so easy. LOG_DIR in bin/lsc is used only for logging start and end of lsc run. The main problem is to fix logback.xml: ``` ``` I am working on...

Done in 77ff84bf

When working on this issue, don't forget to pull the captcha refactoring work done in #894 (pushed on master)

Not sure this security issue is really usable: 1. The victim is receiving an unsolicited, shifty password change mail 2. the attack does not work if you have enabled the...