Re: [bug-buddy]: Custom scripts for your application
- From: Andrew Sobala <aes gnome org>
- To: Brian Cameron <Brian Cameron Sun COM>
- Cc: Olav Vitters <olav bkor dhs org>, desktop-devel-list gnome org
- Subject: Re: [bug-buddy]: Custom scripts for your application
- Date: Fri, 01 Dec 2006 17:58:00 +0000
Brian Cameron wrote:
> Let's say some program generates a log file, and because this log file
> is useful for debugging the maintainer specifies that the logfile should
> be added to the bug report when it is created. This sounds good, but
> what if there is some way that sensitive or private data can get into
> the log. Then when the program crashes, this sensitive data gets put
> in a public forum for all to see (if they know where to look).

#3 <signal handler called>
#4 0x00000005 in ?? ()
#5 0xb487cc71 in show_password_dialog (site=0x83ff2c0 "www.hotsexychicks.com", user=0x3777fef "bcameron")
#6 .....

Now, if it's not immediately obvious to anyone, *I just made that trace
up*. It is not real.

But the nature of a stack trace is that absolutely anything could be
leaked to bugzilla. This is why bug buddy makes it clear that you should
review the data sent for personal or private information. Adding data
from scripts to bug buddy has two ways it could go wrong - it can leak
data by accident, or it can be malicious. In the former case, I'd argue
for adding no more options because it's no more likely than leaking data
in the stack trace, and that's the reason that we ask the user to review
all data sent anyway. In the latter case, you've just installed
malicious code on your machine and all bets are off (there are much
easier ways to send data out of a system than via bug-buddy, anyway.....).

PS. Just for reference, people *do* leak private data onto bugzilla
regardless.
--
Andrew
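
The review step the message relies on can be made easier by listing every string that a backtrace carries in its frame arguments. The following is an added example, not part of the original message and not bug-buddy code; the function name `review_backtrace` and the sample trace are constructed for illustration, and it covers only pointer-plus-string arguments in gdb-style frames, so other fields still need a manual read.

```python
import re

# One gdb-style frame argument whose value is a pointer followed by the string
# it points to, e.g.  site=0x83ff2c0 "intranet.example.test"
STRING_ARG = re.compile(
    r'(?P<name>\w+)=(?P<ptr>0x[0-9a-fA-F]+) "(?P<value>(?:[^"\\]|\\.)*)"'
)
FRAME = re.compile(r'^#(?P<num>\d+)\s')


def review_backtrace(trace):
    """Return (findings, redacted_trace) for a gdb-style backtrace.

    findings lists (frame_number, argument_name, string_value) for every
    string argument so each can be shown to the user before submission.
    redacted_trace keeps frames and pointers but drops the string contents.
    """
    findings = []
    out_lines = []
    for line in trace.splitlines():
        frame = FRAME.match(line)
        if frame:
            num = int(frame.group("num"))
            for m in STRING_ARG.finditer(line):
                findings.append((num, m.group("name"), m.group("value")))
            line = STRING_ARG.sub(
                lambda m: f'{m.group("name")}={m.group("ptr")} "<redacted>"', line
            )
        out_lines.append(line)
    return findings, "\n".join(out_lines)


# Constructed sample in the same shape as the made-up trace in the message.
SAMPLE = """\
#3  <signal handler called>
#4  0x00000005 in ?? ()
#5  0xb487cc71 in show_password_dialog (site=0x83ff2c0 "intranet.example.test", user=0x3777fef "alice")
#6  0xb487d010 in main (argc=1, argv=0xbffff4a4)
"""

if __name__ == "__main__":
    found, redacted = review_backtrace(SAMPLE)
    for num, name, value in found:
        print(f"frame #{num}: {name} = {value!r}")
    print(redacted)
```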