So just to clarify, what we're basically saying is that logging credentials in DEBUG is not ideal but is also not a vulnerability?
If that's the case I'll propose a more general OSSN that essentially says "all confidentiality bets are off when you run services with log level debug".
So just to clarify, what we're basically saying is that logging credentials in DEBUG is not ideal but is also not a vulnerability?
If that's the case I'll propose a more general OSSN that essentially says "all confidentiality bets are off when you run services with log level debug".