Security issuses and risks concerning debugging production environment

Question

I am doing some research about security vulnerability and risks concerning debugging production environments. I would like to get your opinions and about possible risks concerning such environments.

By debugging I mean not only inspecting software with debugger but also all kinds of debugging techniques like logging, testing, reviewing code and especially post mortem debugging using mini-dumps. I am especially interested in general issues and issues related to .NET framework. I would also like to hear about other risk concerning bug management process.

In following answer I also posted my current research results.

For future investigating I found this posts related:

• What's the risk of deploying debug symbols (pdb file) in a production environment?
• Good processes for debugging production environment? Copying data to Dev?
• Which are the dangers of remote debugging?

Answer 1

1) Most obvious issue is related to private data exposure. Using debuggers we have access to all data which was earlier loaded to process memory. This means that we are ignoring build in software access control logic. In many countries there are also legal issues with exposing private data to unauthorized people.

This is also an concern with logging, we should be careful what information we are logging, so that we have enough data to investigate bug cause but do not store vulnerable data (financial records, health-care records) in logs. There is also other general issue that usually our security level is not consistent regarding security of production database and log files.

.NET is addressing this issue with SecureSting class, but it is not eliminating the problem it only minimize data exposure length. For processing data we have to get string value in some point so if memory dump was taken when that processing was taking place secure information would be exposed in dump file. Other way to address this issue is preventing developers to access production data with data anonymisation before coping any data to local environments.

2) Another issue is risk involved in introducing new defects to software when fixing and investigating reported bugs. Bugs fixing process tends to be more ad-hoc then normal development process. It have some reasons, because existing in production bugs could be costing company money so there is pressure to fix them quickly.

The solution here is to maintain the same quality procedure which are being held with new features development process.