
Re: Privacy concern with debconf



James Blanford wrote:
> I am concerned with a new trend that uses debconf to configure personal
> information into system files.  I'll start with an exaggerated example.
> I have a Window Maker dockapp, wmbday, that counts down the seconds to
> my birthday and then displays the message, "Happy Birthday,
> Yournamehere!". If I installed it the way some dockapps do it now,
> debconf would ask for my name and birth date and put that info in
> command line parameters in the /usr/lib/menu/wmbday file.
> 
> Now even legitimate users of the program have access to my personal
> information, not to mention that it is also possible for any user,
> daemon or hacker to read the info from this world readable file.
> 
> The real packages I'm talking about are wmweather and wmmoonclock.  The
> former stores your METAR (local weather station) code in
> /usr/lib/menu/wmweather and the latter stores your latitude and
> longitude.  These are not big concerns for me, but it's not hard to
> imagine some person or some organization that wouldn't want this info to
> be exposed.

I doubt these programs should be modifying /usr like that. Conffiles
belong in /etc, generated files in /var. Worth a bug report on the FHS
violations alone. It also seems to me it would be better to let these
programs read a dotfile in $HOME, with perhaps an interactive GUI
configurator that they can bring up, and not have a site-wide
configuration for them at all.

But I don't grok the privacy concerns: If you have users on your local
machine from whom you want to hide the location of your machine, you
have bigger problems than METAR. The time zone and routing table of your
machine come to mind, and I am sure there is much more.

But, all such data should be in /etc and /var where admins can find it
if they are really trying to lock down a machine in this manner. That's
where the FHS comes in.

> I could find no Debian guideline on this matter. Certainly one could
> define the difference between configuration that changes how a program
> runs and configuration that personalizes the program for a specific
> user.

Right, I think it's a well-established convention that the former goes in
/etc and the latter in $HOME.

-- 
see shy jo
