popen(), sendmail: Success?

Michael Ströder michael at stroeder.com
Fri Apr 11 12:00:27 EDT 2003


Carsten Gaebler wrote:
> In article <v29im-ia2.ln1 at nb2.stroeder.com>, Michael Ströder wrote:
> 
>>For security reasons I'd be scared of printing an arbitrary exception 
>>message to stdout in a web application since it is sent to the user's browser!
> 
> Of course I wouldn't do that in a real world situation. It was just a simple
> example of how to handle an exception.

The problem is that people pick up those examples without further thinking. 
I already saw public web applications sending the full Python traceback to 
the browser... :-(

Ciao, Michael.





More information about the Python-list mailing list