How safe is running scripts in the console on production?

[Ivan Gretsky]

Good day!

I discovered the Tracy Debugger console not so long ago and now trying to make the best use of it. It is quick and easy to run simple maintenance scripts in it (of course, I do all the debugging on localhost first). But how save is it? And how to make it as safe as possible? What would be my settings on the production server for  this case?

 

[adrian]

Hi @Ivan Gretsky - glad you're enjoying it!

Not really sure what you mean by "safe". Are you worried that non-authorized users may have access to use it? There are no issues there. 

Otherwise, it's only as safe or dangerous as the code you run.

[Ivan Gretsky]

17 minutes ago, adrian said:

Are you worried that non-authorized users may have access to use it? There are no issues there.

Great!

There are a couple of other superusers and a bunch of users with different permissions on the site. I am trying to make sure nobody will have a chance to ruin it (but myself)))

I set these permissions:

• Enable Tracy Debuffer - true;
• Output mode - Development;
• Force superusers into DEVELOPMENT mode - true.

Is this good enough? How can I hide Tracy from other superusers?

[adrian]

I actually have a new version in the works that allows restricting Tracy completely from specific superusers - trouble is I've been really busy with client work and haven't managed to get it released yet. I also have other changes partially complete. I think for the moment, grab the version I posted for Pete: https://processwire.com/talk/topic/24932-feature-requests/?do=findComment&comment=210040 which will let you prevent your other superusers from messing with things. Keep in mind of course that as a superuser, they could still adjust their permissions to get around this limitation, but I expect that like Pete you're really just trying to make sure they don't do things accidentally, rather than maliciously. Let me know how that version goes for you - it would be good to get someone else testing before I release it.