xpra icon
Bug tracker and wiki

This bug tracker and wiki are being discontinued
please use https://github.com/Xpra-org/xpra instead.

Opened 2 years ago

Closed 2 years ago

Last modified 16 months ago

#2765 closed defect (wontfix)

xpra bug-report collecting sensitive information

Reported by: callegar Owned by: Antoine Martin
Priority: major Milestone:
Component: client Version: 4.0.x
Keywords: Cc: stdedos

Description (last modified by Antoine Martin)

I wonder if it is really necessary for the bug-report tool to collect certain pieces of information, given that they will be pasted on a public forum.
For instance, I wonder if it is necessary to spill out the public hostname and a valid username of a machine at the same time.
My fault not to check before pasting, but I think many people will do like me particularly if they are in a hurry.

Change History (6)

comment:1 Changed 2 years ago by Antoine Martin

Resolution: wontfix
Status: newclosed

There are toggles to choose what gets included.

Every bit of information can be useful, including usernames, hostnames, connection information, etc.

comment:2 Changed 2 years ago by callegar

System toggle is described as "Xpra version, platform and host information". May I suggest that this is at least made a bit more explicit like "Xpra version, platform and host information including hostname and account information".

comment:3 Changed 2 years ago by Antoine Martin

Description: modified (diff)

Done in r26362 + r26363.

Hostnames will be partly obfuscated, ie:

  • localhost.localdomain -> localhost.***********.
  • -> 192.***.***.*.

comment:4 Changed 2 years ago by callegar

Thanks. May I also suggest obfuscating also the full name of the user? Does not matter to me, but may be appreciated by some...

comment:5 Changed 2 years ago by stdedos

Cc: stdedos added

comment:6 Changed 16 months ago by migration script

this ticket has been moved to: https://github.com/Xpra-org/xpra/issues/2765

Note: See TracTickets for help on using tickets.