Too much detail in this error message from EAlemmy.mlimage RoadArchie ( @RoadArchie@lemmy.ml ) Programmer Humor@lemmy.mlEnglish • 10 months ago message-square19fedilinkarrow-up1354
arrow-up1354imageToo much detail in this error message from EAlemmy.ml RoadArchie ( @RoadArchie@lemmy.ml ) Programmer Humor@lemmy.mlEnglish • 10 months ago message-square19fedilink
minus-square MonkderZweite ( @MonkderZweite@feddit.ch ) linkfedilink3•10 months agoThin line between giving useful error messages and more attack surface.
minus-square Johanno ( @Johanno@feddit.de ) linkfedilink5•10 months agoIf your code gives attack surface by information about what went wrong maybe you should not even deploy anything. If your code needs to be secret to be secure your code is anything but secure.
minus-square MonkderZweite ( @MonkderZweite@feddit.ch ) linkfedilink4•10 months agoNot code but internet. A often seen error is letting Appache/Nginx display their name & version in 403/404 pages. First step in planning an attack.
Thin line between giving useful error messages and more attack surface.
If your code gives attack surface by information about what went wrong maybe you should not even deploy anything. If your code needs to be secret to be secure your code is anything but secure.
Not code but internet. A often seen error is letting Appache/Nginx display their name & version in 403/404 pages. First step in planning an attack.