[Opensource] Proposed Error handling change
Michael Rimov
rimovm at centercomp.com
Mon Sep 29 15:32:28 PDT 2003
Hey all,

I'd like to propose a change in some of the error handling that is security
related.

I would like to see DBExceptions stripped out of messages that are
displayed to the user.

Security reason example:
If the back end database is down, then DBExceptions, depending on the
driver implementation, may expose the internal IP of the database. [REALLY
bad!]

Proposed solution:
In the error handler for Controller, process the exception looking for
nested DBExceptions. If one is encountered, then send the whole exception
to the SYSERROR system event, and log the message. But re-throw a
"Internal Error has occurred" error.

That way, there is NO chance that the user will get that kind of internal
information. Then on top of that, the admin still gets the whole error in
his email to help track the errors... and if all else fails, the log still
gets the exception.

What do you guys think?

-Mike
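
The handler proposed in the message above, sketched as an added example; it is not code from the post or from the project. The `DBException` class here is a stand-in for the framework's own, `notifyAdmin` is a hypothetical hook in place of the SYSERROR system event, and the driver message with its address is constructed sample data.

```java
import java.util.logging.Level;
import java.util.logging.Logger;

public class SanitizingErrorHandler {
    /** Stand-in for the framework's DBException (assumption: an Exception subclass). */
    static class DBException extends Exception {
        DBException(String msg, Throwable cause) { super(msg, cause); }
    }

    private static final Logger LOG = Logger.getLogger("controller");
    static final String GENERIC = "Internal Error has occurred";

    /** Walks the cause chain; depth-bounded so a cyclic chain cannot loop forever. */
    static boolean containsDbException(Throwable t) {
        for (int depth = 0; t != null && depth < 32; depth++, t = t.getCause()) {
            if (t instanceof DBException) return true;
        }
        return false;
    }

    /** Hypothetical hook standing in for the SYSERROR system event (admin email). */
    static void notifyAdmin(Throwable full) {
        LOG.log(Level.INFO, "SYSERROR event queued for: " + full);
    }

    /** Returns the exception that is safe to hand to the user-facing layer. */
    static Exception sanitize(Exception e) {
        if (!containsDbException(e)) return e;
        // The full trace, driver message included, stays on the server side.
        LOG.log(Level.SEVERE, "Database error hidden from user", e);
        notifyAdmin(e);
        // No cause attached: the driver text must not travel with the new exception.
        return new Exception(GENERIC);
    }

    public static void main(String[] args) {
        // Constructed sample: driver text leaking an internal address (documentation range).
        Exception driver = new java.sql.SQLException("Connection refused: 192.0.2.10:5432");
        Exception nested = new RuntimeException("Login failed",
                new DBException("Unable to get connection", driver));
        System.out.println(sanitize(nested).getMessage());
        System.out.println(sanitize(new IllegalArgumentException("Bad form field")).getMessage());
    }
}
```

The replacement exception is created without a cause, so a view layer that prints nested messages or stack traces has nothing database-related left to render.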