[issue13737] bugs.python.org/review's Django settings file DEBUG=True

Ezio Melotti added the comment: I now set DEBUG = False in gae2django/settings.py and rietveld/settings.py. -- nosy: +ezio.melotti resolution: -> fixed stage: -> committed/rejected status: open -> closed ___ Python tracker

[issue13737] bugs.python.org/review's Django settings file DEBUG=True

Éric Araujo added the comment: (FWIW this tracker is used for what is distributed as CPython, please use the metatracker (link on the left “Report Tracker Problem”) for future reports. Thanks) -- nosy: +eric.araujo ___ Python tracker

[issue13737] bugs.python.org/review's Django settings file DEBUG=True

Georg Brandl added the comment: While the actual code may be accessible to everyone, the server configuration (paths etc. -- just look at the page; at least the session secret key and passwords are masked by Django) are not, and exposing that can be a security problem as well. And while I ag

[issue13737] bugs.python.org/review's Django settings file DEBUG=True

Bithin A added the comment: The bugs.python.org/review is a running application and it is very bad to see debug error messages. -- ___ Python tracker ___ __

[issue13737] bugs.python.org/review's Django settings file DEBUG=True

Martin v. Löwis added the comment: I disagree that this is a security issue, or an issue at all. All source code of the site is in a public subversion repository, available for review to any attacker (as well as any security review) - and that is deliberately so because we fundamentally belie

[issue13737] bugs.python.org/review's Django settings file DEBUG=True

Changes by Georg Brandl : -- assignee: -> loewis nosy: +loewis priority: normal -> high title: bugs.python.org's Django settings file DEBUG=True -> bugs.python.org/review's Django settings file DEBUG=True ___ Python tracker