Are there any security issues leaving the PDB debug files on the live servers?

.net asp.net security pdb-files
Tore Nestenius picture Tore Nestenius · Jun 1, 2009 · Viewed 10.1k times · Source

Are there any security issues keeping the .NET PDB files on the real server?

I know that throwing exceptions might take a bit longer , but who throws exceptions during normal execution anyway? :-)

But from a security perspective? any issues?

Answer

dommer picture dommer · Jun 1, 2009

If your system isn't secure with the PDBs, it's probably not secure without them. Obviously, it depends how valuable the better error reports are to you. Personally, I value that a lot, so tend to deploy the PDBs.

Related questions

What is the App_Data folder used for in Visual Studio?

When creating a new ASP.NET application in Visual Studio, a couple of files and folders are created automatically. One of those folders is called App_Data. Also when publishing a website by selecting the menu option Build->Publish …

Read More
User Group and Role Management in .NET with Active Directory

I'm currently researching methods for storing user roles and permissions for .NET based projects. Some of these projects are web based, some are not. I'm currently struggling to find the best method to achieve what I'm looking for in a …

Read More
How can I avoid SQL injection attacks in my ASP.NET application?

I need to avoid being vulnerable to SQL injection in my ASP.NET application. How might I accomplish this?

Read More