I've marked this bug as "subscribers only" and "security" since it has a coredump in it which may contain my password. I hope between those two settings the coredump will not be available to anyone other than "authorized" parties. If you wish to open this bug up then I request that you delete the coredump attachment.
Regardless, I have changed my password here since sending that bug, but I'd rather not have door-knob rattlers at my door. This does raise an issue of security with people sending complete bug reports to launchpad and having no idea that their password might be included in the data some how. I had an idea that it might be, but I understand Linux systems and security. The average joe probably does not. If apport/launchpad[1] cannot deal with this issue directly then the triage team should be doing the best they can to get to and protect bug reports that may contain passwords from prying eyes. 1. perhaps any package which has the potential to send a password in it (i.e. which is even remotely related to password operations) should be flagged somehow so that apport can request confidentiality when it sends up the bug report to apport. You guys probably understand better than I what steps could be taken to help with this problem. -- [apport] gnome-screensaver-dialog crashed with SIGSEGV in krb5_cc_destroy() https://bugs.launchpad.net/bugs/106412 You received this bug notification because you are a member of Ubuntu Bugs, which is a direct subscriber. -- ubuntu-bugs mailing list [email protected] https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
