API Log Integrity #3
Conversation
|
Ok merged - just wondering if it would be better to make read-only the default for viewing access logs in the admin screen? |
|
@lingster ultimately yes, from a security standpoint it would be best to default to "read-only". I did not default to that initially because of backwards compatibility. By defaulting to still writeable, you can essentially not use any of the new config and your package will continue to work as it has previously. I find that most package maintainers prefer to introduce a new feature (unless it is a major security risk) as a non-breaking change (with a notice or warning) first and then in the next release moving it to a more secure code/config option. That gives developers time to become aware and make changes to their systems/processes as necessary. |
|
I guess as this is a fork of the original, maybe we can just enable read-only in the next release and put a note in the release notes... |
Added support for persistent usernames (if user model object is deleted). Added support for the log to be read-only in Django admin. Defaults are configured for full legacy support.
These are two "security" related patches that I find myself constantly backloading into projects with this package. Figured I would clean it up into something that others might find useful.