This problem has existed from the beginning of apport (in Ubuntu 6.10
"edgy", not in jaunty). It was a conscious decision, and to mitigate
this we have several barriers:
- It is only enabled for development releases, not in stables, so that we
don't put this difficult decision on casual users.
- Bugs with potentially sensitive data such as core dumps are filed private by
default
- Core dumps are deleted by the apport retracer after producing the symbolic
stack trace
- Apport anonymizes user name, environment, current working directory, etc.
- Apport shows you the entire report which it is going to send and asks you
for confirmation (obviously you can only show text data, not the core dump).
I'm afraid that's about as much as we can do without dropping apport
completely.
** Changed in: apport (Ubuntu)
Status: New => Won't Fix
--
ubuntu creash reporting reveals sensitive data
https://bugs.launchpad.net/bugs/359902
You received this bug notification because you are a member of Ubuntu
Bugs, which is a direct subscriber.
--
ubuntu-bugs mailing list
[email protected]
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
