[Bug 1676023] Re: apport leaks hostname

forbytten 1676023 at bugs.launchpad.net
Tue Sep 24 09:22:27 UTC 2024 

Workaround I used when creating a bug recently is to:

1. Follow the offline bug collection steps described at
https://help.ubuntu.com/community/ReportingBugs#Filing_bugs_when_offline_or_using_a_headless_setup

2. Redact the .apport file. For example:

# Replace USERNAME, HOSTNAME, IP_ADDRESS placeholders, albeit you will have to escape periods in the IP_ADDRESS. eg. \.
sed -E -e  's/USERNAME/redacted_username/g ; s/HOSTNAME/redacted_hostname/g ; s/IP_ADDRESS/redacted_ip_address/g' out.apport > out-redacted.apport           
              
# Check it                                                                                                                                                                              
git diff --color-words out.apport out-redacted.apport                                                                                                                                                                                                                                                                                                    

# Check it again
grep -i -P 'USERNAME|HOSTNAME|IP_ADDRESS' out-redacted.apport                                                                                                                                                                                                                                                                                            

3. Raise the bug offline using the command on the wiki link above:

ubuntu-bug out-redacted.apport

The .apport file was observed to contain username, hostname and ip
address, which may be useful to an attacker when enumerating a target's
assets.

In my case, the offending files observed were as follows, where the
offending text within has been replaced with "redacted_" as above,
albeit the content containing the username did not seem to be uploaded
to launchpad:

https://launchpadlibrarian.net/751099730/CurrentDmesg.txt 
https://launchpadlibrarian.net/751099753/WifiSyslog.txt

-- 
You received this bug notification because you are a member of Ubuntu
Foundations Bugs, which is subscribed to apport in Ubuntu.
https://bugs.launchpad.net/bugs/1676023

Title:
  apport leaks hostname

Status in apport package in Ubuntu:
  Confirmed

Bug description:
  Apport leaks the machine's hostname in the log files when uploading
  logs to Launchpad.

  File CurrentDmesg.txt has the line:
  [    6.690523] systemd[1]: Set hostname to <foo>.

  File XorgLog.txt and XorgLogOld.txt has the line:
  [   293.791] Current Operating System: Linux foo 4.10.0-14-generic #16-Ubuntu SMP Fri Mar 17 15:19:26 UTC 2017 x86_64

  ProblemType: Bug
  DistroRelease: Ubuntu 17.04
  Package: apport 2.20.4-0ubuntu2
  ProcVersionSignature: Ubuntu 4.10.0-14.16-generic 4.10.3
  Uname: Linux 4.10.0-14-generic x86_64
  ApportVersion: 2.20.4-0ubuntu2
  Architecture: amd64
  CurrentDesktop: GNOME-Classic:GNOME
  Date: Sat Mar 25 11:21:04 2017
  InstallationDate: Installed on 2013-12-26 (1184 days ago)
  InstallationMedia: Ubuntu 13.10 "Saucy Salamander" - Release amd64 (20131016.1)
  PackageArchitecture: all
  SourcePackage: apport
  UpgradeStatus: No upgrade log present (probably fresh install)

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/apport/+bug/1676023/+subscriptions

More information about the foundations-bugs mailing list