Re: [Test-Announce] 2013-10-16 <at> 16:00 UTC - F20 Beta Blocker Bug Review #4

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On Wed, 2013-10-16 at 12:50 +0000, "Jóhann B. Guðmundsson" wrote:
> On 10/16/2013 11:59 AM, Richard Ryniker wrote:
> > Unnecessary "private" designation for a bug report might be due to
> >
> >    https://bugzilla.redhat.com/show_bug.cgi?id=1011916
> >
> > which complains that a bug reporter has to decide about "private" status
> > before possibly sensitive information in the report can be examined.
> 
> No private information is supposed to be sent over the wire or be 
> harvested by the reporting tool or anything that is automatically filed 

Well, that's kind of impossible. Sometimes a backtrace is going to
contain sensitive information. It can't really be any other way. You
can't stop a backtrace collection tool from collecting it. You can try
to filter it out as best as possible, but you're never going to be 100%
accurate.

> ( if it does we have a serious problem ) and the reporter is supposed to 
> be responsible for sanitizing his log before submitting them.

That's more or less what Richard is talking about. abrt tries to detect
if anything in the submitted report might be sensitive (as well as
trying to avoid including any expected-to-be-sensitive info whenever
possible) and offers to flag the report as private if it thinks so. Not
perfect, but better than nothing. There are various issues with its
method of doing this which I've reported recently, so it ought to be
improving...

Still, this isn't the case we were dealing with here, it was the
clone-of-a-private-RHEL-bug thing.
-- 
Adam Williamson
Fedora QA Community Monkey
IRC: adamw | Twitter: AdamW_Fedora | XMPP: adamw AT happyassassin DOT net
http://www.happyassassin.net

-- 
test mailing list
test@xxxxxxxxxxxxxxxxxxxxxxx
To unsubscribe:
https://admin.fedoraproject.org/mailman/listinfo/test





[Index of Archives]     [Fedora Desktop]     [Fedora SELinux]     [Photo Sharing]     [Yosemite Forum]     [KDE Users]

  Powered by Linux