[Twisted-Python] Re: [Twisted-commits] log stderr and non-zero exit code in CGIs, don't show info to users as it is a security risk (closes issue #241)
On Thursday, August 28, 2003, at 10:32 AM, itamarst CVS wrote:
> log stderr and non-zero exit code in CGIs, don't show info to users as it is a security risk (closes issue #241)
We shouldn't swallow errors in these situations. If it's a security risk, provide a way for the server administrator to turn it off, but this is a _bad_ default. If you doubt the wisdom of making this default, please consult any number of Perl FAQs of the form:

Q. "I wrote a CGI and it works perfectly, but now I moved it to another server and I get nothing but a "500 Internal Server Error" page. How do I tell what went wrong!?!?!?"

A. Look in your apache logs.

---

Q. "I looked at my apache logs and nothing makes sense! How do I tell what the error was??!"

A. ...

Also, could you clarify the security risk of displaying stderr from CGI scripts? I've never heard of a CGI that puts security-critical information on stderr rather than stdout and makes it a risk to display to users.
On Thu, 28 Aug 2003 19:16:09 -0500 Glyph Lefkowitz <glyph@twistedmatrix.com> wrote:
> Also, could you clarify the security risk of displaying stderr from CGI scripts? I've never heard of a CGI that puts security-critical information on stderr rather than stdout and makes it a risk to display to users.
If it's a python script it's probably going to be a traceback.

Also, I don't care about the Perl FAQ :) If you can't figure out how to read the exact same info out of a logfile, you shouldn't be trying to debug a CGI script.

--
Itamar Shtull-Trauring http://itamarst.org/
Available for Python & Twisted consulting
On Thursday, August 28, 2003, at 07:50 PM, Itamar Shtull-Trauring wrote:
> Also, I don't care about the Perl FAQ :) If you can't figure out how to read the exact same info out of a logfile, you shouldn't be trying to debug a CGI script.
Well, I'll defer to a poll, here, if anyone is interested in this issue. In the absence of more than one user's feedback putting it one way or the other, I will revert this change.
On Thu, 28 Aug 2003 19:59:37 -0500 Glyph Lefkowitz <glyph@twistedmatrix.com> wrote:
> Well, I'll defer to a poll, here, if anyone is interested in this issue. In the absence of more than one user's feedback putting it one way or the other, I will revert this change.
Only revert the removed HTML output - it should be logged to the log file regardless.

--
Itamar Shtull-Trauring http://itamarst.org/
Available for Python & Twisted consulting
Well, thanks to the few users who responded to me privately. The feeling seems to be unanimously in favor of leaving the output on by default: however, there is also widespread agreement that we need a better error-reporting mechanism in general so that we can look at these sorts of things in a persistent manner without grepping through logfiles all the time.

On Thursday, August 28, 2003, at 08:26 PM, Itamar Shtull-Trauring wrote:
> Only revert the removed HTML output - it should be logged to the log file regardless.
Will do.
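The policy the thread settles on (always write a CGI's stderr and non-zero exit status to the server log, and make whether the client also sees the details an administrator's choice), as an added example that is not Twisted's own twcgi code: a small runner that executes a Python CGI script with subprocess, logs stderr and the exit code, and returns either a generic 500 page or the HTML-escaped stderr. The `run_cgi` function, its `show_errors` flag, the `CGIResult` type and the three embedded sample scripts are constructed for illustration. The default here hides details, as the original commit did; flipping it to on, as the thread concluded, is a one-argument change. The two points a practitioner should take from it: a Python traceback on stderr discloses file paths, line numbers and exception text to whoever triggered it, which is the risk Itamar refers to, and the exception text can echo request data, so even the administrator's debug view must escape it before putting it in an HTML page.

```python
"""Constructed CGI runner: log stderr/exit status always, show them to the client only on request."""
import html
import logging
import os
import subprocess
import sys
import tempfile
from dataclasses import dataclass
from typing import Optional

log = logging.getLogger("cgi_runner")

GENERIC_ERROR = b"<html><body><h1>500 Internal Server Error</h1></body></html>"


@dataclass
class CGIResult:
    status: int
    body: bytes
    log_entry: Optional[str]  # what went to the server log, None if nothing did


def run_cgi(script_source: str, show_errors: bool = False, timeout: float = 10.0) -> CGIResult:
    """Run script_source as a Python CGI script and decide what the client sees.

    - Any stderr output or a non-zero exit is always written to the server log.
    - On non-zero exit the client gets a generic 500 page, unless show_errors is
      set (an administrator's debugging aid), in which case the HTML-escaped
      stderr is returned instead.
    - stderr output with exit status 0 (warnings) is logged but not fatal.
    """
    # Hypothetical deployment detail: the script text is written to a temp file
    # so the example is self-contained; a real server has the script on disk.
    with tempfile.NamedTemporaryFile("w", suffix=".py", delete=False) as f:
        f.write(script_source)
        path = f.name
    try:
        proc = subprocess.run([sys.executable, path], capture_output=True, timeout=timeout)
    finally:
        os.unlink(path)

    log_entry = None
    stderr_text = proc.stderr.decode("utf-8", errors="replace")
    if proc.returncode != 0 or proc.stderr:
        log_entry = f"CGI {path} exited {proc.returncode}; stderr:\n{stderr_text}"
        log.error("%s", log_entry)  # "%s" so a '%' inside a traceback cannot break formatting

    if proc.returncode == 0:
        # Warnings on stderr alone are not a failure: serve the output, keep the log.
        return CGIResult(200, proc.stdout, log_entry)

    if show_errors:
        # Escape: a traceback often quotes request data, which must not land in the page as markup.
        body = ("<html><body><h1>500 Internal Server Error</h1><pre>"
                + html.escape(stderr_text) + "</pre></body></html>").encode("utf-8")
        return CGIResult(500, body, log_entry)
    return CGIResult(500, GENERIC_ERROR, log_entry)


# Constructed sample CGI scripts (not from the Twisted project).
CLEAN_CGI = '''\
print("Content-Type: text/plain\\n")
print("hello")
'''

WARNING_CGI = '''\
import sys
sys.stderr.write("DeprecationWarning: old API in use\\n")
print("Content-Type: text/plain\\n")
print("ok")
'''

# The exception text mimics attacker-controlled input echoed back in an error.
CRASHING_CGI = '''\
print("Content-Type: text/html\\n")
raise ValueError("bad input: <script>alert(1)</script>")
'''


if __name__ == "__main__":
    logging.basicConfig(level=logging.ERROR)
    for name, src in [("clean", CLEAN_CGI), ("warning", WARNING_CGI), ("crash", CRASHING_CGI)]:
        for show in (False, True):
            r = run_cgi(src, show_errors=show)
            print(f"{name:8} show_errors={show!s:5} -> {r.status} {r.body[:60]!r}")
```

Run it directly to see each script under both policies; the crash case prints the generic page with `show_errors=False` and the escaped traceback with it on, while the log line is identical in both runs.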
participants (2)
- Glyph Lefkowitz
- Itamar Shtull-Trauring