popen(), sendmail: Success?

Michael Ströder michael at stroeder.com
Fri Apr 11 03:56:47 EDT 2003


Carsten Gaebler wrote:
> If your code appears in a CGI script, you should catch the exception and
> print it to stdout because otherwise the error would go to stderr which
> will not be captured by the webserver.
 > [..]
 > except:
 >   print "something went wrong:", sys.exc_type, sys.exc_value
 > [..]

For security reasons I'd be scared of printing an arbitrary exception 
message to stdout in a web application since it is sent to the user's browser!

stderr *is* captured by the web server and most times written to an error 
log. That's where those error messages belong. If you don't have access to 
the error log redirect stderr to a local web application log file.

Ciao, Michael.





More information about the Python-list mailing list