Message150903
I disagree that this is a security issue, or an issue at all. All source code of the site is in a public subversion repository, available for review to any attacker (as well as any security review) - and that is deliberately so because we fundamentally believe in openness of source code.
I fail to see why making the traceback available would pose any additional threat. Having the traceback is lightly helpful when people actually do encounter bugs and report them. |
|
Date |
User |
Action |
Args |
2012-01-08 20:51:47 | loewis | set | recipients:
+ loewis, Bithin.A |
2012-01-08 20:51:46 | loewis | set | messageid: <1326055906.96.0.795836129307.issue13737@psf.upfronthosting.co.za> |
2012-01-08 20:50:43 | loewis | link | issue13737 messages |
2012-01-08 20:50:43 | loewis | create | |
|