(Copied from my email to the mailing list)

On Fri, 8 Apr 2005 01:37 am, Robin Green wrote:
> It is accepted best practice to turn off stack traces
(or backtraces,
> or whatever Python people call them) in production,
so as to avoid
> accidentally revealing a little too much information
to a potential
> attacker.

So basically there needs to be a configuration option
that lets you send stack traces to a log file instead
of to the browser.