On Nov 9, 2007 11:53 AM, nodata <lsof@xxxxxxxxxxxx> wrote: > > 2) Are there any privacy concerns? Remember smolt is voluntary, and > > A loaded question! > > > so far we don't link any information to machines other than a single > > UUID that is privately stored. > > Sometimes it *is* useful to give out a smolt UUID to let someone (e.g. a > kernel developer) get at hardware information for a bug report. That's > okay. If you then "extended" smolt to give out more information (it > won't stop here btw), then some of those people won't provide that > information any more, unless they can choose which information they > send. We do know about some of the standing privacy concerns, but implementing the solutions is more a time issue. I have winter break from school in about six weeks, so I'll have a month of cold weather to inspire some good smolt hacking. Until then, I'm just going over an idea brought up. Access controls on the UUID script - Probably a trivial patch to make it root readable only. I should probably file a bug on it. Selective information submission - Probably also a good idea, though the implementation is less than trivial. Giving out a secondary UUID that has access controls applied - In our bug reports, the solution is far from trivial, and the number one thing to do as soon as the semester is over. We're always listening for ideas about security and privacy, of course, if you have more good points. :) Cheers, Yaakov -- fedora-devel-list mailing list fedora-devel-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/fedora-devel-list
