xpra icon
Bug tracker and wiki

Opened 13 days ago

Closed 13 days ago

Last modified 11 days ago

#2765 closed defect (wontfix)

xpra bug-report collecting sensitive information

Reported by: callegar Owned by: Antoine Martin
Priority: major Milestone:
Component: client Version: 4.0.x
Keywords: Cc: stdedos

Description (last modified by Antoine Martin)

Hi,
I wonder if it is really necessary for the bug-report tool to collect certain pieces of information, given that they will be pasted on a public forum.
For instance, I wonder if it is necessary to spill out the public hostname and a valid username of a machine at the same time.
My fault not to check before pasting, but I think many people will do like me particularly if they are in a hurry.

Change History (5)

comment:1 Changed 13 days ago by Antoine Martin

Resolution: wontfix
Status: newclosed

There are toggles to choose what gets included.

Every bit of information can be useful, including usernames, hostnames, connection information, etc.

comment:2 Changed 12 days ago by callegar

System toggle is described as "Xpra version, platform and host information". May I suggest that this is at least made a bit more explicit like "Xpra version, platform and host information including hostname and account information".

comment:3 Changed 11 days ago by Antoine Martin

Description: modified (diff)

Done in r26362 + r26363.

Hostnames will be partly obfuscated, ie:

  • localhost.localdomain -> localhost.***********.
  • 192.168.100.1 -> 192.***.***.*.

comment:4 Changed 11 days ago by callegar

Thanks. May I also suggest obfuscating also the full name of the user? Does not matter to me, but may be appreciated by some...

comment:5 Changed 11 days ago by stdedos

Cc: stdedos added
Note: See TracTickets for help on using tickets.