Bugs reports should include syslog warnings or not?

Matthew Paul Thomas mpt at canonical.com
Tue Mar 20 11:10:30 UTC 2018


Robie Basak wrote on 19/03/18 19:41:
>…> No, I think you have the inverse sense of what I intended. I mean
that> by the _developer_ choosing to write upstream code such that
something> is logged,
Ah, I see, I misinterpreted “one” as referring to the user.

>            that developer is also implicitly deciding that the logs
> may be made public, because that's how the ecosystem works. So
> upstreams should ensure that private information is not logged by
> default.
>>> This seems to assume that the main use of Ubuntu log files is posting
>> in public bug reports and support forums — rather than, say,
>> troubleshooting and system administration in corporate IT
>> departments. Again, I’d be surprised if that’s true.
> 
> For a privacy concern, I don't think it matters what the main use is.
> A minority use that leads to a leak is still a leak that we should
> fix.

The proportion of use determines *how* it should be fixed. If many/most
uses of a log are for private troubleshooting and system administration,
then expecting every upstream developer to omit useful information when
logging — or to store “the private information somewhere
out-of-default-band” — would not be the most efficient solution.

-- 
mpt



More information about the ubuntu-devel mailing list