Logo Questions Linux Laravel Mysql Ubuntu Git Menu
HTML CSS JAVASCRIPT SQL PYTHON PHP BOOTSTRAP JAVA JQUERY R React Kotlin
 

Implications of deploying a Debug build of an application?

Tags:

c#

security

debugging

deployment

compiler-construction

I would like to know the pros and cons for deciding to deploy an application which was built in Debug (with debug symbol table) and opposed to Release mode where the symbols are stripped. There are other permutations like turn on optimisations for Debug and turning on debug symbols for Release.

The areas which I think may be of concern are (you might know others):

  • Security
  • Performance
  • Stability

But I am not an expert, so I am not sure of all the implications for which deploying a Debug application will have on these areas.

It might not be relevant, but this application is a C# .Net framework 3.5 (business app that manages terrabytes of data) for those concerned. This is an application for a (paying) client.

Are there any clear advantages or disadvantages in choosing to do this?

like image 696
Brock Woolf Avatar asked Sep 15 '10 02:09

Brock Woolf

2 Answers

Security: Debug and release managed code like C# is already vulnerable if not obfuscated. Protect your code with obfuscation, otherwise it can easily be copied, stolen, any security like encryption cracked(you mentionned in this case Terrabytes of data for a customer). I have answered a obfuscation question here. Also, make a key file and sign your assemblies.

Performance: Debug is definetly slower, should never release a debug build. If using AJAX would make each page request much heavier since the debug version is bigger. Set the debug flag to false your application config file, i have included a few similar reminder in this other question.

Stability: Debug uses more memory, and could be less stable if server has low memory. An advantage of having debug dlls is if the application fails, your pdb files would already be in place. The best practice is to keep the debug build somewhere safe for every release version you build. If a customer requires you to debug, backup his folder and replace it with your corresponding debug assemblies.

I have developped on an archiving product that also archived Terrabytes of data, and I would NOT recommend to deploy a debug build and would make sure it's obfucated, and file encryption methods encrypted with Dotfuscator.

like image 100
GenEric35 Avatar answered Oct 16 '22 22:10

GenEric35

You could also give them a release build with debug information.

like image 25
Steven Sudit Avatar answered Oct 16 '22 22:10

Steven Sudit
Sign in to Comment

Related questions

Service vs. Repository
Polymorphic engines, in managed languages?
PostSharp on assemblies I don't have source for
How do I Add an Event Handler To the RowUpdated event in a table adapter
Options for IoC Auto Wiring in Domain Driven Design
Compiler optimizations of anonymous types
C# Func<> and generics
Website Automation Using C# and WebBrowser
Will indexing a SQL table improve the performance of a LINQ statement?
Winforms data binding: Can a TypeConverter be used instead of the Format/Parse events?
WPF & MVVM: Save ScrollViewer Postion And Set When Reloading
Error : Could not register Hot Key using c#
Is there any way to get the PropertyInfo from the getter of that property?
How can I use NUnit to test a method with out or ref parameters?
What are general steps for me to port my project to mono?
how to add/insert conditional node into XML using linq to XML
How to avoid recursive triggering of events in WPF?
Data Context's SubmitChanges method causing a entity reference to be set to null
Why is the Winforms Click event slower than the MouseClick event?
Code Coverage on Lambda Expressions

Donate For Us

If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!