David Douthitt wrote:
Ricky Zhou wrote:
I don't think just showing code/non-sensitive debugging information is a
huge security problem. Consider that the code for the accounts system
is publicly viewable in CVS anyway (hooray for openness):
http://cvs.fedoraproject.org/viewcvs/fedora-accounts/?root=fedora.
Having the code publicly available is one matter.
However, the error showed the following security-related items in any case:
* Python is being used (Risk: a hacker won't try Perl, Ruby, or shell code...)
* Python v2.4.3 is being used (Risk: no need to guess at which cracks will work...)
* PostgreSQL is being used (Risk: no need to try MySQL hacks....)
* Directory tree: /srv/web/accounts/ (Risk: no need to search out location of code...)
Certainly, having the code open is a risk, but a calculated one
which is offset by the benefits.
In security, this is known as an "information leak." The best thing to
do is *hide* all of this information (which also leads to nicer "error"
pages for the user - no tech info, just a "sorry, nasty error: reported
to sysadmin, thanks." or some such).
We freely discuss all of the above items. It's a side effect of being
an open organization. Someone might as well just say "hey, I'm looking
at your accounts code and I'm wondering, what version of python are you
using, what version of postgres is on the back end?" Yes, the code dump
is ugly but the accounts system is being completely re-written so all
work to fix the current system has basically been put on hold, though
the complaint you have is a common one.
-Mike
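The fix David describes above (log the full details server-side, show the user only a generic error page with a reference number) is straightforward to do at the WSGI layer. The following is an added example written for this discussion; it is not the Fedora accounts code from the CVS tree linked above. The ErrorMiddleware class, the failing_app stand-in, the run() driver and the LEAK_MARKERS list are all constructed for the demonstration; the only marker taken from the thread is the /srv/web/accounts/ path. The "leaky" handler reproduces the kind of output complained about (traceback, file paths, interpreter version) so the two can be compared side by side.

```python
"""Generic error page for a WSGI app: log the details, show the user nothing
that identifies the stack. Added example, not the Fedora accounts code."""
import logging
import sys
import traceback
import uuid

log = logging.getLogger("accounts.errors")

# Strings that, if they appear in an error body, identify the language,
# interpreter version or code layout. Constructed list for this example;
# the path is the one quoted in the thread.
LEAK_MARKERS = ("Traceback", 'File "', ".py", "Python ", "/srv/web/accounts/")


def leaks_environment(body):
    """Return the markers found in an error body (empty list: nothing obvious leaked)."""
    return [m for m in LEAK_MARKERS if m in body]


def leaky_handler(exc_info):
    """Debug-style handler: dumps the traceback and interpreter version to the
    client. This is the behaviour the thread is complaining about."""
    body = "Internal error\n\n" + "".join(traceback.format_exception(*exc_info))
    body += "\nPython %s\n" % sys.version
    return "500 Internal Server Error", body


def safe_handler(exc_info):
    """Hardened handler: the full traceback goes to the server log under a
    reference id; the client gets only an apology and that id."""
    ref = uuid.uuid4().hex[:12]
    log.error("ref=%s\n%s", ref, "".join(traceback.format_exception(*exc_info)))
    body = ("Sorry, something went wrong. The problem has been reported to the "
            "administrators. Reference: %s\n" % ref)
    return "500 Internal Server Error", body


class ErrorMiddleware(object):
    """Wrap a WSGI app so unhandled exceptions become a controlled 500 response."""

    def __init__(self, app, handler=safe_handler):
        self.app = app
        self.handler = handler

    def __call__(self, environ, start_response):
        try:
            return self.app(environ, start_response)
        except Exception:
            exc_info = sys.exc_info()
            status, body = self.handler(exc_info)
            # Passing exc_info lets start_response be called again (PEP 3333)
            # even if the wrapped app had already begun its own response.
            start_response(status,
                           [("Content-Type", "text/plain; charset=utf-8")],
                           exc_info)
            return [body.encode("utf-8")]


def failing_app(environ, start_response):
    """Constructed stand-in for the accounts app: simulates a back-end failure."""
    raise RuntimeError("connection to database refused")


def run(app, path="/accounts/"):
    """Minimal WSGI driver: returns (status, body) for one GET request."""
    environ = {"REQUEST_METHOD": "GET", "PATH_INFO": path,
               "wsgi.url_scheme": "http", "SERVER_NAME": "localhost",
               "SERVER_PORT": "80"}
    captured = {}

    def start_response(status, headers, exc_info=None):
        captured["status"] = status
        return lambda data: None

    body = b"".join(app(environ, start_response))
    return captured["status"], body.decode("utf-8")


if __name__ == "__main__":
    for name, handler in (("leaky", leaky_handler), ("safe", safe_handler)):
        status, body = run(ErrorMiddleware(failing_app, handler))
        print("%s handler: %s leaked=%s" % (name, status, leaks_environment(body)))
```

The reference id is what makes the generic page usable in practice: the user can quote it in a bug report and the sysadmin can grep the log for it, so nothing about the Python version, database or directory layout has to travel to the browser. The leaks_environment() check is a cheap thing to run against a test client's error responses to make sure a debug handler has not been left enabled in production.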