2) Security implications. Unfortunately, more than one site has been > launched with debug=True accidentally left on; all you need to do then is > stimulate a server error, and you have REPL shell access to the server. > This strikes me as a remarkably effective foot-gun :-) Before you get too > involved in the implementation, I'd want to know the security issues have > been locked down. >
Curious, how do you get REPL shell access to the server with DEBUG=True with a vanilla Django deployment? -- You received this message because you are subscribed to the Google Groups "Django developers" group. To unsubscribe from this group and stop receiving emails from it, send an email to django-developers+unsubscr...@googlegroups.com. To post to this group, send email to django-developers@googlegroups.com. Visit this group at http://groups.google.com/group/django-developers. To view this discussion on the web visit https://groups.google.com/d/msgid/django-developers/363c7b06-5a62-453d-9253-68bcb24b4398%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
