Logo Questions Linux Laravel Mysql Ubuntu Git Menu
 

Is it safe to keep Log.i on production?

In my android application i extensively use Log.i, Log.e.

On these commands I usually pass SQLite queries or http rest urls that communicate with my application.

My question is: Is it safe to keep these logs when the application reaches the Play store ? If a user runs the application with his device connected on his computer will he be able to view the Log messages on his LogCat ?

like image 474
antoniom Avatar asked Apr 02 '14 11:04

antoniom


3 Answers

If the users connect the device to a computer and read the logcat, they can see all the log messages that your app generates.

A possible solution is use Proguard to remove (automatically) all the log messages.

More info on this answer: How to configure proguard to ONLY remove android logging calls

Hope it helps.

like image 84
sabadow Avatar answered Sep 29 '22 01:09

sabadow


Yes, the user will be able to read those log files. Is it 'safe'? Depends. Are your rest calls or sqlite queries a secret? All the network communication could be read anyways with wireshark for instance.

What I do when I release my apps is: I create my own Log class with methods i, d, e etc and use this Log class instead of the Android one, because then I can use a simple switch like boolean debug = true according to which I write to the LogCat or don't. That way I can leave all my log statements in the app. When you've written your own Log class, to use it all over your app, you can simply replace all

import android.util.Log; 

with

import your.package.Log; 

with Eclipse.

like image 37
fweigl Avatar answered Sep 29 '22 02:09

fweigl


Logging is a very handy debugging and diagnostic technique used by developers. Use the logging class provided as part of the Android SDK to log important information about your application to LogCat, but make sure you review your application’s logging implementation prior to publication, as logging has performance drawbacks.

Before releasing your application Review your log carefully so it doesn't leak any confidential data.

Logging is very important whenever your application is in testing mode. Logs will provide you current state and scenario of your application on current device. So it's very helpful whenever you will update your application.

Sometimes Google play rejects your application if they found your Logging mechanism violates the rules.

like image 42
Lavekush Agrawal Avatar answered Sep 29 '22 02:09

Lavekush Agrawal