Bug#555680: [Secure-testing-team] Bug#555680: System information in bug reports may be security-sensitive

To: Ben Hutchings <ben@decadent.org.uk>, 555680@bugs.debian.org
Subject: Bug#555680: [Secure-testing-team] Bug#555680: System information in bug reports may be security-sensitive
From: Yves-Alexis Perez <corsac@debian.org>
Date: Fri, 13 Nov 2009 07:58:33 +0100
Message-id: <[🔎] 1258095513.17198.1.camel@hidalgo>
Reply-to: Yves-Alexis Perez <corsac@debian.org>, 555680@bugs.debian.org
In-reply-to: <[🔎] 20091111023403.23343.2926.reportbug@localhost>
References: <[🔎] 20091111023403.23343.2926.reportbug@localhost>

On mer., 2009-11-11 at 02:34 +0000, Ben Hutchings wrote:
> The bug script now offers to include network configuration and status.
> The network configuration file /etc/network/interfaces may include
> encryption keys for wireless networks, which we should scrub.  There
> is also a more general problem of sensitive information in the kernel
> log, but I'm not sure what we can do about that.

Maybe add a big warning, a preview and a Y/N question about including
the script.

The thing is, if it defaults to N, a lot of people will just use “enter”
without caring much, and kernel team will receive a lot of useless
reports.

Cheers,
-- 
Yves-Alexis

Attachment: signature.asc
Description: This is a digitally signed message part

Reply to:

References:
- Bug#555680: System information in bug reports may be security-sensitive
  - From: Ben Hutchings <ben@decadent.org.uk>

Prev by Date: Bug#556009: linux-image-2.6.31-1-686: ath9k disassociates frequently, regression from 2.6.30
Next by Date: Bug#556030: BUG: soft lockup - CPU#1 stuck for 61s! [java:7582]
Previous by thread: Bug#555680: System information in bug reports may be security-sensitive
Next by thread: Bug#555680: System information in bug reports may be security-sensitive
Index(es):
- Date
- Thread