Am Freitag, den 09.11.2007, 12:18 -0500 schrieb Yaakov Nemoy: > On Nov 9, 2007 11:53 AM, nodata <lsof@xxxxxxxxxxxx> wrote: > > > 2) Are there any privacy concerns? Remember smolt is voluntary, and > > > > A loaded question! > > > > > so far we don't link any information to machines other than a single > > > UUID that is privately stored. > > > > Sometimes it *is* useful to give out a smolt UUID to let someone (e.g. a > > kernel developer) get at hardware information for a bug report. That's > > okay. If you then "extended" smolt to give out more information (it > > won't stop here btw), then some of those people won't provide that > > information any more, unless they can choose which information they > > send. > > We do know about some of the standing privacy concerns, but > implementing the solutions is more a time issue. I have winter break > from school in about six weeks, so I'll have a month of cold weather > to inspire some good smolt hacking. Until then, I'm just going over > an idea brought up. > > Access controls on the UUID script - Probably a trivial patch to make > it root readable only. I should probably file a bug on it. Done: https://bugzilla.redhat.com/show_bug.cgi?id=373211 > > Selective information submission - Probably also a good idea, though > the implementation is less than trivial. > > Giving out a secondary UUID that has access controls applied - In our > bug reports, the solution is far from trivial, and the number one > thing to do as soon as the semester is over. > > We're always listening for ideas about security and privacy, of > course, if you have more good points. :) > > Cheers, > Yaakov > -- fedora-devel-list mailing list fedora-devel-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/fedora-devel-list
