From: Barnett, J. <jef...@ya...> - 2009-11-24 20:17:49
|
We're trying to "clean up" our vufind docroot prior to moving to a new machine and I just discovered a huge "sqlnet.log" file in /usr/local/vufind/web. It seems to be a record of all the Oracle exceptions since we started the system ... possibly useful for debugging. BUT it is completely web accessible as http://myhost/vufind/sqlnet.log, thereby possibly assisting potential hackers. Question: When and where is it being generated, and what can/should I do to control its access? Or do I have some config params wrong? |