Re: [bug-buddy]: Custom scripts for your application
- From: Shaun McCance <shaunm gnome org>
- To: Andrew Sobala <aes gnome org>
- Cc: desktop-devel-list gnome org, Olav Vitters <olav bkor dhs org>, Brian Cameron <Brian Cameron Sun COM>
- Subject: Re: [bug-buddy]: Custom scripts for your application
- Date: Fri, 01 Dec 2006 12:33:43 -0600
On Fri, 2006-12-01 at 18:18 +0000, Andrew Sobala wrote:
> Shaun McCance wrote:
> > I think most (non-hacker) users will look at a stack trace and not
> > even bother trying to figure out where their personal information
> > might be inside it. Maybe adding a find dialog/bar would make them
> > a bit more likely to do so ("Does it say hotsexychicks.com in here
> > anywhere?"), but I doubt it would make much of a difference.
> >
> >
> >> PS. Just for reference, people *do* leak private data onto
> bugzilla
> >> regardless.
> >>
> >
> > Maybe we should find a way to make files submitted from Bug Buddy
> > private. A trusted few would have access to them. We'd have some
> > nice interface for reviewing submitted files, and the trusted few
> > could look through them for anything that looks, well, bad. If a
> > file is clean, it gets marked public. Otherwise, it is completely
> > deleted from the server.
> >
>
> I sort-of agree with all of that [1]. However, my argument is that
> the
> situation is no different for stacktraces and for custom scripts.
>
> --
> Andrew
>
> [1] I don't think we have the manpower to screen every trace that
> comes
> in, although automatic dup finding does mean it's now more plausible
> than it used to be. However, I agree with the sentiment :-)
You may be right. But we could probably trust maintainers to
review submitted files to their own products. This wouldn't
be providing a real privacy guarantee, of course. But it does
lessen the likelihood of some unscrupulous asshole writing a
script to scrape our bugzilla for passwords.
--
Shaun
[
Date Prev][
Date Next] [
Thread Prev][
Thread Next]
[
Thread Index]
[
Date Index]
[
Author Index]
