-
Bug
-
Resolution: Fixed
-
Minor
-
3.5.11, 3.6.9, 3.7.5, 3.8.2
-
MOODLE_35_STABLE, MOODLE_36_STABLE, MOODLE_37_STABLE, MOODLE_38_STABLE
-
MOODLE_38_STABLE
-
MDL-68276-replace-logs -
This is a bug in that a compromised admin account can use this to cover it's tracks to some degree.
This was found while testing MDL-68193
1) I did a search and replace, which is now correctly logged (see MDL-68193)
2) But I can use the search and replace to manipulate the logs as well:
3) Showing the now re-written logs:
This isn't confined to this new event, you can replace anything in the logs.