On Wednesday 14 of January 2015 15:18:00 Florian Weimer wrote: > On 01/14/2015 02:27 PM, Marek Brysa wrote: > > Hi Matthias and Florian, > > > > I wasn't subscribed to the list so I can't reply directly to the thread. > > > > The data contained in the automatic bug report (uReport) is described > > here: > > https://github.com/abrt/faf/wiki/uReport > > It was designed with anonymity as a requirement and doesn't contain any > > user sensitive data, only a simple backtrace and some statistical info > > like OS version and related package versions. We don't save IP addresses > > where the reports are coming from. > > The current upload process does not ensure anonymity because of all the > logging the Fedora infrastructure does. Both the dialog text and the > policy need to reflect that. (ureport uploaders are likely > pseudonymous, at least as long only paths which are part of the OS > installation are reported.) > > > Reporting to Bugzilla may contain sensitive data (coredump), but is > > manual, for advanced users only and the user is required to do a review > > of the data. > Even the process environment may contain sensitive data. Only in rare > cases, it will be totally anonymous before manual scrubbing by the user. Sure, but ABRT *NEVER* reports automatically to Bugzilla. Correct me if I am wrong, but it is NOT expected that the reporting to Bugzilla is anonymous. Jakub _______________________________________________ legal mailing list legal@xxxxxxxxxxxxxxxxxxxxxxx https://admin.fedoraproject.org/mailman/listinfo/legal
