Beefy Boxes and Bandwidth Generously Provided by pair Networks
Do you know where your variables are?
 
PerlMonks  

Re: Re: Does fatalsToBrowser give too much information to a cracker?

by ehdonhon (Curate)
on Apr 10, 2002 at 15:56 UTC ( #158049=note: print w/ replies, xml ) Need Help??


in reply to Re: Does fatalsToBrowser give too much information to a cracker?
in thread Does fatalsToBrowser give too much information to a cracker?

the user should get a friendly "Sorry" screen, with instructions to try again, and a way to notify the webmaster

I think it depends on the application. If you are offering a free service, you can probably get away with this. If you are offering a service where you have customers that are paying for the usage of your page, you'll need to have more than just this.

Otherwise, you'll end up with a support department always trying to figgure out what to tell a customer whenever they write in and ask what went wrong.

In my experience, the best system is short descriptive error messages. These give clueful users enough info that they don't need to request support. It also gives your support department enough info to go on that they don't have to spend so much time helping the less-cluefull users (or bugging the programmers).

Your results may vary.


Comment on Re: Re: Does fatalsToBrowser give too much information to a cracker?

Log In?
Username:
Password:

What's my password?
Create A New User
Node Status?
node history
Node Type: note [id://158049]
help
Chatterbox?
and the web crawler heard nothing...

How do I use this? | Other CB clients
Other Users?
Others wandering the Monastery: (5)
As of 2014-12-20 06:33 GMT
Sections?
Information?
Find Nodes?
Leftovers?
    Voting Booth?

    Is guessing a good strategy for surviving in the IT business?





    Results (95 votes), past polls