[Pkg-xfce-devel] Bug#889905: Bug#889905: xfce4-notifyd: privacy-invasive logging of notification content

2018-02-09 Thread Sergio Gelato
* Yves-Alexis Perez [2018-02-08 20:38:01 +0100]:
> Hi, thanks for the bug report. Can you provide the upstream bug report on
> this? I can't reproduce with:
> 
> notify-send ' ' on xfce4-notifyd 0.4.1-1 so maybe it's been
> fixed meanwhile.

The upstream bug numbers are #10027 and #14073. Yes, 0.4.1 includes some of
the associated fixes, although as noted in
https://bugzilla.xfce.org/show_bug.cgi?id=14073#c5
nothing short of xfce4-notifyd parsing the notification string itself will
actually solve the problem, and this is planned for 0.4.2 at the earliest.

Apparently, only the body is subject to markup interpretation. Try
notify-send 'markup test' ' '
On Debian stretch, this yields:
  xfce4-notifyd[2039]: Failed to set text ' ' from markup due to error parsing markup: Error on line 1 char 19: Odd character '>', expected a '=' after attribute name 'this' of element 'like'
(and the body isn't shown to the user, only logged).

> First, it's definitely not xfce4-notifyd sending this to syslog. More likely
> it's just output to stdout/stderr and systemd forwards it to journal and the
> syslog.

The systemd unit file is part of this Debian package, and the information is
being disclosed by xfce4-notifyd. That xfce4-notifyd doesn't call syslog()
directly is just an implementation detail as far as I'm concerned.


___
Pkg-xfce-devel mailing list
Pkg-xfce-devel@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/pkg-xfce-devel
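
Added example, not part of the thread and not xfce4-notifyd code: a Python sketch of the behaviour discussed above, where the notification body is checked as markup before display and, if it is not valid, is shown as literal text while the log records only metadata. Python's expat parser stands in for the daemon's markup parser, and all function names and the sample body are assumptions constructed for illustration.

```python
from xml.parsers import expat
from xml.sax.saxutils import escape


def check_markup(body):
    """Return (ok, reason). The reason is a fixed parser string, never body text."""
    parser = expat.ParserCreate()
    try:
        # Wrap in a root element so plain text and sibling tags both parse.
        parser.Parse("<markup>%s</markup>" % body, True)
        return True, ""
    except expat.ExpatError as exc:
        return False, expat.ErrorString(exc.code)


def leaky_log_line(body, reason):
    """Shape of the log entry quoted in the thread: the body is copied into the log."""
    return ("Failed to set text '%s' from markup due to error parsing markup: %s"
            % (body, reason))


def prepare_body(body):
    """Return (text_to_display, log_line_or_None) without logging any content."""
    ok, reason = check_markup(body)
    if ok:
        return body, None
    # Not valid markup: display it literally instead of dropping it,
    # and log only the error class and the length.
    line = ("notification body is not valid markup (%s, %d chars); "
            "shown as plain text" % (reason, len(body)))
    return escape(body), line


if __name__ == "__main__":
    sample = "Meet at 5 <like this> & bring keys"  # constructed sample body
    _, why = check_markup(sample)
    print("leaky :", leaky_log_line(sample, why))
    shown, line = prepare_body(sample)
    print("safe  :", line)
    print("shown :", shown)
```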

2018-02-08 Thread Yves-Alexis Perez
On Thu, 2018-02-08 at 17:05 +0100, Sergio Gelato wrote:
> xfce4-notifyd has bugs (known upstream) in its handling of markup, more
> specifically of unintentional markup   This bug report
> is about the way it logs occurrences of such (non-)markup.

Hi, thanks for the bug report. Can you provide the upstream bug report on
this? I can't reproduce with:

notify-send ' ' on xfce4-notifyd 0.4.1-1 so maybe it's been
fixed meanwhile.
> 
> Here is a (redacted) example of an entry I've seen in my logs due to user
> activity. I don't want, and my users almost certainly don't want me, to see
> this much detail: it's privacy-invasive. I'll filter out these messages
> but feel that they shouldn't be sent to syslog in the first place. Not in so
> much detail, and not for every notification that happens to contain an
> ampersand or a < bracket.

First, it's definitely not xfce4-notifyd sending this to syslog. More likely
it's just output to stdout/stderr and systemd forwards it to journal and the
syslog.
-- 
Yves-Alexis
