Currently the provider will use /var/log/ibmca for the debug traces, but the directory needs to world writeable (mode 0777), which has security implications I believe. Ideally the location would be set by eg. an environment variable (eg. IBMCA_LOGDIR) or set in the config file and would default to eg. /tmp if not set by the user. I am pretty sure we don't want a wide open directory on a production system.
Currently the provider will use
/var/log/ibmca
for the debug traces, but the directory needs to world writeable (mode 0777), which has security implications I believe. Ideally the location would be set by eg. an environment variable (eg.IBMCA_LOGDIR
) or set in the config file and would default to eg./tmp
if not set by the user. I am pretty sure we don't want a wide open directory on a production system.