[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Ideas for `bug'.

 I agree that bug shouldn't post config files. They may have sensitive
information that might be used by atackers to the ssystem.

 I don't think we should use the `suid nobody cat approach'. A config file
can have sensitive information and still be world readable (/etc/passwd!).

 Some ideas:

 * Some kind of interactive bug reporting tool, where the reporter gets
the option of sending (or not) each conffile (checkboxes!). 

 * When the user enters the editor through bug he gets:

Package: tool
Version: 1.0-1

;;;Remove the line if you don't want the file sent:
#/etc/another.way   (<--- commented way may be the default!)

 Bug would then insert the named files in the bug report. The drawback is
that the user doesn't have the ability to further edit the conffiles.

 * Packages may be able to specify information for use by `bug'. That
infor may be:
   * Extra information that the maintainer finds it can help him
to deal with the bug, the package may provide a bugreport script that
generates the info!.
   * Which files should be sent...

Nicolás Lichtmaier.-

TO UNSUBSCRIBE FROM THIS MAILING LIST: e-mail the word "unsubscribe" to
debian-devel-request@lists.debian.org .
Trouble?  e-mail to templin@bucknell.edu .

Reply to: