by gozo
3906 days ago
I wouldn't assume people didn't read the docs so much as they made a mistake deploying (part of) a development setup to production. Security isn't an all-or-nothing thing; it's about having a good chance of doing the right thing. I think having to explicitly enable the interactive part, something that isn't really standard either, would be sensible, e.g. app.run(debug=True, debug_shell=True). At least that would make people even more aware and limit the potential for incidents to those who actually use the feature. It's not exactly uncommon that people leak errors; remote code execution is another level, though. It doesn't hurt to be careful with such a feature.
|
It's still only a way to prevent greater damage, you should still not run the debugger enabled in prod.
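The explicit opt-in the comment proposes, plus a production guard, sketched as an added example that is not part of the original comment and not Flask's or Werkzeug's own code. The helper `resolve_debug_options`, the `debug_shell` keyword, the `APP_ENV` variable and `DebugInProductionError` are all assumptions made for the illustration; the only real name referenced is Werkzeug's `use_evalex` option, which is the switch that controls the interactive console.

```python
import os


class DebugInProductionError(RuntimeError):
    """Raised when the debugger or its console would start in production.

    Hypothetical exception type, introduced for this example only.
    """


def resolve_debug_options(debug=False, debug_shell=False, environ=None):
    """Decide what a hypothetical app.run() wrapper should pass to the server.

    Returns a (debug, use_evalex) tuple:
      debug       -> show tracebacks and reload on change (still unsafe in prod)
      use_evalex  -> Werkzeug's name for the interactive console; here it is
                     only True when the caller explicitly asked for
                     debug_shell=True on top of debug=True, mirroring the
                     proposed app.run(debug=True, debug_shell=True) opt-in.

    'environ' is a mapping to read APP_ENV from (assumed variable name);
    it defaults to os.environ. Both features are refused outright when
    APP_ENV is "production", because a leaked traceback is one thing and a
    remote shell is another.
    """
    env = os.environ if environ is None else environ
    is_production = env.get("APP_ENV", "development").lower() == "production"

    if is_production and (debug or debug_shell):
        raise DebugInProductionError(
            "refusing to start with debug=%r debug_shell=%r while APP_ENV=production"
            % (debug, debug_shell)
        )

    # The console never comes along for free with debug=True: it is a
    # second, separate switch, and it is meaningless without the debugger.
    use_evalex = bool(debug and debug_shell)
    return bool(debug), use_evalex


if __name__ == "__main__":
    # Constructed scenarios: a developer box with and without the shell,
    # and a production box where someone forgot to flip debug off.
    dev = {"APP_ENV": "development"}
    print("dev, tracebacks only :", resolve_debug_options(debug=True, environ=dev))
    print("dev, with console    :", resolve_debug_options(debug=True, debug_shell=True, environ=dev))
    try:
        resolve_debug_options(debug=True, environ={"APP_ENV": "production"})
    except DebugInProductionError as exc:
        print("prod, refused        :", exc)
```

The point of the shape is that the dangerous capability (`use_evalex`) is reachable only through a deliberate second argument, and that a single environment check turns an accidental `debug=True` in production into a startup failure rather than a running remote shell.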