> In NetEpi, we have an installation configuration option which will cause > the system to send an email message to designated email addresses > whenever a Python exception occurs. The message shows who the user was > and what their email address and other contact info is, as well as the > text of the Python traceback. It is quite useful. However, it would be > more useful if it sent information about the content of the context > variables at the time of the traceback (since NetEpi is a Web app which > has to retain state in a context namespace) - but we haven't enabled > that because that would leak potentially sensitive data in an > unencrypted email to us, the developers, who are not necessarily > authorised to see those confidential data. The point is that you need to > ensure that your "talkback" sytem does not become a security or > confidentiality hole which inadvertantly leaks confdential data to the > developers. Our talkback client feeds off of the standard log mechanism (into a ring buffer of so many lines, that is). So, yes, since that may contain full or partial dumps of the context it might include sensitive information. However, no mail is sent automatically. The user has to explicitely ACK sending anything from a GUI. We don't show *what* is sent, though, yet, let alone allow the user to black out parts of it.
> For bug and issue tracking, could I suggest Roundup? Roundup is nice last I heard. I'd suggest using something that's provided and maintained for us, though, say, on Savannah. Simply man-power issues I guess. Karsten -- GPG key ID E4071346 @ wwwkeys.pgp.net E167 67FD A291 2BEA 73BD 4537 78B9 A9F9 E407 1346 _______________________________________________ Gnumed-devel mailing list [email protected] http://lists.gnu.org/mailman/listinfo/gnumed-devel
