[issue13737] bugs.python.org/review's Django settings file DEBUG=True
Martin v. Löwis
report at bugs.python.org
Sun Jan 8 21:51:46 CET 2012
Martin v. Löwis <martin at v.loewis.de> added the comment:
I disagree that this is a security issue, or an issue at all. All source code of the site is in a public subversion repository, available for review to any attacker (as well as any security review) - and that is deliberately so because we fundamentally believe in openness of source code.
I fail to see why making the traceback available would pose any additional threat. Having the traceback is lightly helpful when people actually do encounter bugs and report them.
----------
priority: high -> normal
_______________________________________
Python tracker <report at bugs.python.org>
<http://bugs.python.org/issue13737>
_______________________________________
More information about the Python-bugs-list
mailing list