ubuntu-bugcontrol team mailing list archive

[Brian Murray <brian@xxxxxxxxxx>]

On Wed, May 13, 2009 at 01:17:03PM -0700, Mike Rooney wrote:
> > 1) As you can see from my bug triaging with the bug squad (I hope!) I always try
> > to be polite to bug reporters or other commenters no matter what.  After all,
> > they have taken the time to make ubuntu better, but sometimes they need a hand
> > with triaging, who would I be to deny them that.  And yes I have signed the Ubuntu CoC.
> >
> > 2) I have read the documentation thouroughly when I first joined the bugsquad. And
> > whenever I am doubtful of something I refer to it.  I have the wiki links saved in
> > a .txt in my home folder in case I need to visit them.
> >
> > 3) The 'stacktrace.txt' file which is attatched in apport crash report bugs could have
> > sensitive information such as passwords, bank numbers, CSS keys or e-mail addresses.
> 
> This is not the only file that can contain sensitive information as I
> understand it, so I'd review the guidelines there.

The files that could contain sensitive information are the following:

CoreDump.gz - as this is the whole crash dump
Stacktrace.txt
Stacktrace.txt (Retraced)
ThreadedStacktrace.txt
ThreadedStacktrace.txt (Retraced)
Traceback.txt

The stack trace and the threaded stack trace are the same bits of
information just arranged differently.  However, I think the best way to
be absolutely certain there is no sensitive information is double
checking each file if there is not anything sensitive.  If you have
found something sensitive it is safe not to check the rest of them.

-- 
Brian Murray                                                 @ubuntu.com

Attachment: signature.asc
Description: Digital signature