ProcMaps.txt may contain private information such as username
Brian Murray
brian at ubuntu.com
Mon Jul 30 22:25:54 UTC 2012
On Thu, Jul 26, 2012 at 06:39:46PM +0200, Fred . wrote:
> https://bugs.launchpad.net/ubuntu/+source/apport/+bug/1029189
>
> The ProcMaps.txt file that gets uploaded to Launchpad may contain
> private information such as username that can be obtained from the
> path of the home directory.
>
> 7fbd44c33000-7fbd44c34000 r--s 00000000 08:01 1306557
> /home/alice/.local/share/mime/mime.cache
>
> I propose scrubbing/anonymizing the username.
As we can see in the apport source code[1], apport does try to anonymize
information like the username in bug reports and this includes checking
ProcMaps.txt. It does not seem to have worked in this particular case
and this should be reported as a bug about apport. Please let us know
the bug number if you open one.
[1]
http://bazaar.launchpad.net/~ubuntu-core-dev/ubuntu/quantal/apport/ubuntu/view/head:/apport/report.py#L1294
Thanks!
--
Brian Murray
Ubuntu Bug Master
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 198 bytes
Desc: Digital signature
URL: <https://lists.ubuntu.com/archives/ubuntu-bugsquad/attachments/20120730/a06a788e/attachment.pgp>
More information about the Ubuntu-bugsquad
mailing list