Opened 9 years ago

Closed 9 years ago

Last modified 9 years ago

#5341 closed Bug (invalid)

Log files leaks information

Reported by: teuvoilmari Owned by:
Priority: Normal Milestone: None Set
Component: Daemon Version: 2.77
Severity: Normal Keywords: security
Cc:

Description

Transmission daemon writes a lot of messages to the system log. Most of these messages contain a name of a torrent.

Log files are often copied, piped and backed up to computers where people not originally using transmission can see them. It would be better to write the torrent ID (like in transmission-remote) to the log instead of the torrent name.

Change History (10)

comment:1 Changed 9 years ago by livings124

I don't see the benefit of this. File names seem to be more beneficial in the context of a log. Transmission doesn't make it available to others.

comment:2 Changed 9 years ago by collegeitdept

This should be corrected. The benefit is the potential privacy (preventing personal/embarrassment) and also potential legal concerns too.

By obfuscating the Torrent names with instead their Torrent ID - privacy can be a little more assured.

This really should be a concern for the developers and if you decide not to obfuscate the torrent file names… users MUST be notified in a large text at the beginning (similar to when you ask for donations) that Transmission is collecting log files and includes torrent file names.

This really is a serious concern.

comment:3 Changed 9 years ago by collegeitdept

On a serious note, how does one not see the grave and serious nature of this problem? There are major privacy issues here.

comment:4 Changed 9 years ago by freebourg

Most users run Transmission themselves. The ones using a third party provider (I'm thinking of seedboxes) have agreed to not use the service to download illegal content and are well aware the provider has access to all their data. After all it's all about trust. If you don't trust your provider don't use the service.

Plus, the provider has access to the files, so hiding the filenames in the logfiles would be useless.

I am more concerned of my boss reading my mail and spying my web sessions than SeedBoxProvider123 looking at the filenames I download...

I think what you are looking for is to write the log to a separate log file, which Transmission is able to.

comment:5 follow-up: Changed 9 years ago by jordan

Okay, first off: when it comes to the topic of "possible legal concerns" ... if you're worried about that, don't use Transmission. I don't mean that with a "wink wink" attitude either: if you're looking for an all-singing all-dancing piracy tool, both you and I would be happier if you use something else. That's simply not Transmission's goal or focus.

Now, I do have a lot more sympathy for the privacy-for-its-own-sake argument. However even in that light I don't yet see the problem:

  1. If privacy is a requirement, I don't see why you'd do anything on a system with an untrusted sysadmin? To my mind this is the key question.
  1. syslogging can be disabled by logging to a private file or to /dev/null. If opacity on the system is the goal, why tell syslog that your running Transmission at all?

Could walk me through a couple of concrete examples where these points don't address your concerns?

comment:6 follow-up: Changed 9 years ago by collegeitdept

@jordan

What tool would you use instead of Transmission?

Regarding logging... Can't the file names simply be hashed in the log file to make it a little more privacy conscious?

comment:7 in reply to: ↑ 5 ; follow-up: Changed 9 years ago by x190

Replying to jordan:

  1. syslogging can be disabled by logging to a private file or to /dev/null. If opacity on the system is the goal, why tell syslog that your running Transmission at all?

I would like to have a way to log all messages (Message Log + Console) to a file when using the Mac Client. One loses the Message Log when a crash occurs making it impossible to know what was happening just before the crash.

comment:8 Changed 9 years ago by livings124

  • Resolution set to invalid
  • Status changed from new to closed

I don't see why this is an issue. Transmission logs the file name is the console just like any other downloader app would. The information provided in these log messages are what anyone would expect.

comment:9 in reply to: ↑ 6 Changed 9 years ago by jordan

Replying to collegeitdept:

@jordan

What tool would you use instead of Transmission?

I wouldn't.

Regarding logging... Can't the file names simply be hashed in the log file to make it a little more privacy conscious?

If this ticket is going to go anywhere, the next step is for you to answer the questions I asked in comment:5 instead of ignoring them.

comment:10 in reply to: ↑ 7 Changed 9 years ago by jordan

Replying to x190:

I would like to have a way to log all messages (Message Log + Console) to a file when using the Mac Client. One loses the Message Log when a crash occurs making it impossible to know what was happening just before the crash.

That's an interesting idea but somewhat off-topic here

Note: See TracTickets for help on using tickets.