Summary: | straces and related info | ||
---|---|---|---|
Product: | Gentoo Linux | Reporter: | Tobias Klausmann (RETIRED) <klausman> |
Component: | Current packages | Assignee: | Gentoo Security <security> |
Status: | RESOLVED INVALID | ||
Severity: | critical | ||
Priority: | High | ||
Version: | 1.0 | ||
Hardware: | All | ||
OS: | All | ||
Whiteboard: | |||
Package list: | Runtime testing required: | --- |
Description
Tobias Klausmann (RETIRED)
2003-12-04 02:14:57 UTC
Tobias, You should always read man files before running any command regardless of who told you to run it. I suggest you audit your own data before you POST it in the future. changing resolution to INVALID. i e-mailed this bug to gentoo-dev so that other developers would think about such things before asking for straces ... yes users should audit their own stuff but as developers supporting a distribution we cant rely on end users knowing everything Solar: Er, one second. I /didn't/ submit any such data. I witnessed others doing so. And I feel that it'd be just curteous to explain people willing to help what the implications of a command that a dev asked for are. For example "Please send in an strace, but make sure you don't have any real authentication data in your application." I know that this is not always possible. Still, I think that a large number of devs just aren't really aware about this issue. Further, if a dev sees such a submission (an strace containing auth info), privately mailing the submittor and maybe asking the Bugzilla dmin to remove/fix this submission isn't asking for too much, IMHO. SpanKY: Thanks. Tobias, err sorry here guy (been sick). I misunderstood your request initially. Anyway as you feel pretty strong about this issue I encourage you to help raise awareness on this issue by sending mail to our -dev and various other lists to help make both devs and end users aware. SpankY thank you for sending a link to this bug. Solar: I've contacted the GWN people about it. I think writing about it/explaining the implications in GWN might get the thought across to a large number of people. As for the misunderstanding: no hard feelings, we're all just humans (I think) ;) |