On Thu, Nov 27, 2014 at 07:02:00PM +0100, Jan Kratochvil wrote: > On Thu, 27 Nov 2014 16:23:57 +0100, Jakub Filak wrote: > > Do you find 'environ' attachment valuable or is ABRT just publishing personal > > information? > > No but I can imagine in some cases it may be useful. Is this a problem in practice? I don't recall ever seeing anything private in the hundreds of abrt traces I looked at. I checked the enironment of my shell, nothing interesting there, and I'm not aware of any services using environment variables to pass authentication data. If anything, the cwd and open fds reveal the most information, but they are also one of the most useful parts (in my experience, that is version strings and backtrace followed by open fds). > Couldn't there be a way to send additional information upon bug assignee's > request? That would be typically useful with the core files but reporters > always said they cannot find the core file anywhere. Actually if the scheme that Jakub is working on is adopted and coredumps are stored by systemd, they will be available for longer, and it should often be possible to request a coredump after the fact. But in general depending on user help after the fact is most often futile. I wouldn't go there unless actual complaints about exposed data appear. Zbyszek -- devel mailing list devel@xxxxxxxxxxxxxxxxxxxxxxx https://admin.fedoraproject.org/mailman/listinfo/devel Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct
