On Fri, Jan 16, 2009 at 09:02:21AM -0500, Frank Warmerdam wrote:
> Jochen Topf wrote:
>> When using Mapserver with a database and there is an error connecting to
>> the database the error message sent to the client contains the database
>> connect string including the password! That's never a good idea. Can this
>> be changed somehow?
>
> Jochen,
>
> I would suggest you review:
>
> http://mapserver.org/development/rfc/ms-rfc-18.html
That seems like a rather complex solution and it falls short in several aspects:

* Security should be the default, not some add-on.
* It only protects passwords, not the rest of the information. Generally, services should not leak any internal information to the outside world. Passwords are only the worst case here. But anything like host names, file names, database names, URLs of cascaded WMSes etc. should not ever get outside! If there is an error, this information should go into a log file. You can output a time stamp or some kind of id in the error message so that you can find the corresponding log messages.

For servers only used internally where you don't mind the information leak, or for debugging of a new setup, there could be an option to output error messages to the client. But that would only be an option which is off by default.

See http://www.owasp.org/index.php/Top_10_2007-A6 for more on this.

Jochen
--
Jochen Topf  joc...@remote.org  http://www.remote.org/jochen/  +49-721-388298

_______________________________________________
mapserver-users mailing list
mapserver-users@lists.osgeo.org
http://lists.osgeo.org/mailman/listinfo/mapserver-users
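The pattern Jochen describes above, as an added illustration that is not part of the thread and not MapServer's own code: the full failure (including the redacted connection string, host and layer name) goes to the server log under an opaque reference id, and the client only ever receives that id, unless a debugging switch that is off by default is turned on. The `ErrorReporter` class, the `redact_secrets` helper, the `simulate_db_failure` function and the connection string values are all constructed for this example.

```python
"""Added example (not MapServer code): keep internal details in the server log,
hand the client only an opaque reference id that matches the log entry."""
import logging
import re
import uuid
from datetime import datetime, timezone

# Constructed sample: a libpq-style connection string as a PostGIS layer in a
# mapfile might carry it. Host, database, user and password are hypothetical.
SAMPLE_CONNECTION = "host=db.internal dbname=gis user=ms password=hunter2"

# Password-like keys in 'key=value' strings; values stop at whitespace, ';' or quotes.
_SECRET_RE = re.compile(r"(?i)\b(password|passwd|pwd)\s*=\s*([^\s;'\"]+)")


def redact_secrets(text: str) -> str:
    """Mask password values before the text is written anywhere, even the log."""
    return _SECRET_RE.sub(lambda m: f"{m.group(1)}=***", text)


class ErrorReporter:
    """Splits one failure into an internal log record and a client-facing message.

    The log record carries everything an operator needs (host names, file and
    layer names, the redacted connection string); the client message carries
    only a reference id that points at that record.
    """

    def __init__(self, expose_details: bool = False):
        # Off by default: only internal or debugging setups should enable it.
        self.expose_details = expose_details
        self.log = logging.getLogger("map-service")
        self.log_records = []  # copy of what was logged, for offline inspection

    def report(self, exc: Exception, context: str) -> str:
        error_id = uuid.uuid4().hex[:12]
        stamp = datetime.now(timezone.utc).isoformat(timespec="seconds")
        # Redact the whole record: the exception text may quote the connect string.
        internal = redact_secrets(
            f"[{error_id}] {stamp} {type(exc).__name__}: {exc} (context: {context})"
        )
        self.log.error(internal)
        self.log_records.append(internal)
        if self.expose_details:
            # Debugging mode: still never the password, but host/db names may show.
            return f"Error {error_id}: {redact_secrets(str(exc))}"
        return f"Internal error. Reference id {error_id}; see server log."


def simulate_db_failure(reporter: ErrorReporter) -> str:
    """Constructed failure path: the database connect for a layer fails."""
    try:
        raise ConnectionError(f"could not connect with '{SAMPLE_CONNECTION}'")
    except ConnectionError as exc:
        return reporter.report(
            exc, context=f"layer 'roads', connection '{SAMPLE_CONNECTION}'"
        )


if __name__ == "__main__":
    reporter = ErrorReporter()
    print("client sees:", simulate_db_failure(reporter))
    print("log holds:  ", reporter.log_records[-1])
```

Grepping the log for the id the client reports gives the operator the full record; the client never learns the host, database or file names, and the password is masked even in the log.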