commit b2a21fba08df7da1f7c82fd41e54797e38f2fd53
Author: Jim Rollenhagen <email address hidden>
Date: Tue Feb 24 21:56:53 2015 +0000
Do not default pecan_debug to CONF.debug
Pecan's debug mode can be terribly insecure; 500 errors return a
Python traceback, the full list of environment variables, and a
button to replay the request with a breakpoint.
Deployers often run OpenStack services in debug mode; doing so should
not open the service up to these flaws. Defaulting pecan_debug to
CONF.debug makes this easy to accidentally do. So, default it to False
rather than riding on top of CONF.debug.
Reviewed: https:/ /review. openstack. org/159591 /git.openstack. org/cgit/ openstack/ ceilometer/ commit/ ?id=b2a21fba08d f7da1f7c82fd41e 54797e38f2fd53
Committed: https:/
Submitter: Jenkins
Branch: master
commit b2a21fba08df7da 1f7c82fd41e5479 7e38f2fd53
Author: Jim Rollenhagen <email address hidden>
Date: Tue Feb 24 21:56:53 2015 +0000
Do not default pecan_debug to CONF.debug
Pecan's debug mode can be terribly insecure; 500 errors return a
Python traceback, the full list of environment variables, and a
button to replay the request with a breakpoint.
Deployers often run OpenStack services in debug mode; doing so should
not open the service up to these flaws. Defaulting pecan_debug to
CONF.debug makes this easy to accidentally do. So, default it to False
rather than riding on top of CONF.debug.
Change-Id: I70f9c9807d16aa 50df4d5e16ba2a2 9575f8b165e
Closes-Bug: #1425206
DocImpact