Re: Entire process's environment attached to bugzillas by ABRT

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On Thu, Nov 27, 2014 at 07:02:00PM +0100, Jan Kratochvil wrote:
> On Thu, 27 Nov 2014 16:23:57 +0100, Jakub Filak wrote:
> > Do you find 'environ' attachment valuable or is ABRT just publishing personal
> > information?
> 
> No but I can imagine in some cases it may be useful.
Is this a problem in practice? I don't recall ever seeing anything
private in the hundreds of abrt traces I looked at.
I checked the enironment of my shell, nothing interesting there, and
I'm not aware of any services using environment variables to pass
authentication data. If anything, the cwd and open fds reveal the most
information, but they are also one of the most useful parts (in my
experience, that is version strings and backtrace followed by open fds).

> Couldn't there be a way to send additional information upon bug assignee's
> request?  That would be typically useful with the core files but reporters
> always said they cannot find the core file anywhere.
Actually if the scheme that Jakub is working on is adopted and
coredumps are stored by systemd, they will be available for longer,
and it should often be possible to request a coredump after the fact.

But in general depending on user help after the fact is most often
futile. I wouldn't go there unless actual complaints about exposed
data appear.

Zbyszek
-- 
devel mailing list
devel@xxxxxxxxxxxxxxxxxxxxxxx
https://admin.fedoraproject.org/mailman/listinfo/devel
Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct





[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Index of Archives]     [Fedora Announce]     [Fedora Kernel]     [Fedora Testing]     [Fedora Formulas]     [Fedora PHP Devel]     [Kernel Development]     [Fedora Legacy]     [Fedora Maintainers]     [Fedora Desktop]     [PAM]     [Red Hat Development]     [Gimp]     [Yosemite News]
  Powered by Linux