ProcMaps.txt may contain private information such as username

Fred . eldmannen at
Mon Jul 30 21:26:45 UTC 2012

I don't think privacy is a non-issue.

On Mon, Jul 30, 2012 at 10:54 PM, stevec at
<stevec at> wrote:
> Far too much effort is being put into this non-issue.
> Sent from my HTC
> ----- Reply message -----
> From: "Fred ." <eldmannen at>
> To: "Thomas Ward" < at>
> Cc: <ubuntu-bugsquad at>
> Subject: ProcMaps.txt may contain private information such as username
> Date: Mon, Jul 30, 2012 19:20
> Yeah, users can look what is being submitted.
> On one hand, the user really wants to submit that bug and help out.
> On the other hand, the user does not want to reveal PII and compromise
> his privacy.
> The user is nice enough to take the time to report a bug, he it
> putting in effort and time.
> Why should he have to sacrifice his privacy too?
> What reasonable actions can we take to prevent PII leakage?
> If we cant get rid of all PII leakage, maybe we can at least reduce it.
> What measures can we take to increase privacy, decrease PII leakage, while
> not
> reducing the quality of the report?
> Could $USER and $HOSTNAME be assigned something else to the Apport process?
> On Mon, Jul 30, 2012 at 7:45 PM, Thomas Ward
> < at> wrote:
>> You mean from humans going through with a fine toothed comb, and having
>> more
>> than one user look at it?
>> I work in IT Security, i can identify PII relatively easily.  Part of my
>> job
>> is to identify instances of PII leakage, whether accidental or
>> maliciously.
>> I can spot those things.  Likely, most of Bug Control can identify that as
>> well.
>> As I've said and at least one other person has said on this email chain, I
>> think the likelihood of PII leakage falls upon two groups of people: the
>> competency of people on the team(s) that can see the private bugs, and the
>> competency of the user who is submitting the data to actually *look* at
>> what's being submitted.  I believe apport should better identify the risk
>> of
>> submitting the information, making a note that PII might be in the report.
>> I still believe that autoremoving these items is not a good idea.
>> Even then, if I thought it *were* a good idea, there's a feasibility issue
>> here, of how to automatically identify and remove the information.  How
>> are
>> we going to identify *every variation* of how PII shows up?  How're we
>> going
>> to remove that PII without any side-effects (see the 'go' example in the
>> email chain)?
>> I also personally believe that the likelihood of any true PII leakage is
>> at
>> or near zero.  Most of the responsibility falls on the users themselves to
>> say "Do I really want to include this information?", and if so then that's
>> the end of it, otherwise they have to go through and decide whether they
>> really want to include the information.
>> (I might be restating my opinions, but from my perspective as someone who
>> works with PII fairly often, and as a programmer, there is a "feature
>> feasibility" issue here)
>> -----------
>> Thomas
>> On Mon, Jul 30, 2012 at 12:40 PM, Fred . <eldmannen at> wrote:
>>> Well then just modifying $USER and $HOSTNAME maybe work?
>>> What options do we have for improving privacy and prevent PII leakage?
>>> On Mon, Jul 30, 2012 at 6:01 PM, Claudio Moretti <flyingstar16 at>
>>> wrote:
>>> > On Mon, Jul 30, 2012 at 3:50 PM, Fred . <eldmannen at> wrote:
>>> >>
>>> >> You wouldn't search and replace for just "go", you would include the
>>> >> directory separator and search for "/go/", and probably even include
>>> >> home there and search for "/home/go/"
>>> >> So a stacktrace should be no problem.
>>> >
>>> >
>>> > Sure, but you won't be able to replace strings that contain only the
>>> > username, and the user at hostname:pwd string too..
>>> >
>>> > Claudio
>>> --
>>> Ubuntu-bugsquad mailing list
>>> Ubuntu-bugsquad at
> --
> Ubuntu-bugsquad mailing list
> Ubuntu-bugsquad at

More information about the Ubuntu-bugsquad mailing list