You can limit the debugging information available to users when they use the SAS Stored Process Web Application. Some of the information that is available by default (e.g., server environment variables and parameters, SAS log, etc.) may contain details that should not be publicly available.
The DebugMask parameter can be set in the web.xml file to specify, as a comma-separated list, the values that are allowed. Typically you will want to disallow the Env, Trace, and perhaps the Log options. You can accomplish this by omitting them from the values specified for the DebugMask parameter. The sample code at the right disallows all values of _DEBUG except "fields" and "time".