ubuntu-bugcontrol team mailing list archive

Thread
Date

Re: Application of Sense Hofstede

To: ubuntu-bugcontrol@xxxxxxxxxxxxxxxxxxx
From: C de-Avillez <hggdh2@xxxxxxxxxx>
Date: Tue, 11 Aug 2009 20:20:58 -0500
In-reply-to: <e371a640908110428j75c63ef1ted1e8293aee19bc5@mail.gmail.com>
Sender: hggdh <hggdh2@xxxxxxxxx>

On Tue, 2009-08-11 at 13:28 +0200, Sense Hofstede wrote:

> This is not the first time I joined the team, I've been a member twice
> before. I left the team twice because I was very inactive both times,
> but every time I regretted the move. It's a nice way of contributing
> to Ubuntu and now I'd like to start with it again.
> Of course this means I already have earlier experience with triaging,
> but to give a better impression of my current skills I'll provide
> links to bugs I've worked recently on.

Hi Sense. Thank you for considering coming back ;-) 
> 
> #3 What sensitive data should you look for in a private Apport crash
> report bug before making it public? See Bugs/HowToTriage for more
> information.
>   The procedure for handling Apport bugs isn't very clear -- to me, at
> least -- but I would look for thinks like passwords, bank account
> numbers, addresses, telephone numbers, IP addresses and anything else
> that looks sensitive.

Yes, I agree we still have some work to be done there. Usually, the most
important pieces are:

* the coredump -- given a good coredump, a lot of private data can be
extracted, up to and including in-use encryption keys. Coredumps are a
real treasure trove.

* the stacktraces with variable values (resulting from a GDB 'bt full')
-- the data that will appear will vary with the programme, but I have
seen full userIds and passwords for internet resources.

> 
> #4 Is there a particular package or group of packages that you are
> interested in helping out with?
>    I usually focus on packages that don't have too much bugs. It
> varies, though. Mostly I pick a program I use myself to make verifying
> the bug easier.

Good enough. And you know the drill.

> 
> #5 Please list of five or more bugs which you have triaged. These bugs
> should demonstrate your understanding of the triage process and how to
> properly handle bugs. If there is a bug in your list that does not
> have an importance indicate what importance you would give it after
> becoming a member of Ubuntu Bug Control. Please use urls in your list
> of bugs.
>   https://bugs.launchpad.net/ubuntu/+source/banshee/+bug/410832 Low

Correctly identified as a dup.

>   https://bugs.launchpad.net/ubuntu/+source/banshee/+bug/410763 Medium

Nice exchange. The 'bt full' helps, but I am curious if there is another
thread opened. a 'thread apply all bt full' would show it. All we know
right now is that *this* thread is in a wait. It would also be
interesting to do a dup find on Gnome (via
http://bugzilla.gnome.org/dupfinder/simple-dup-finder.cgi).

>   https://bugs.launchpad.net/ubuntu/+source/kdebase-workspace/+bug/395303 Low

Again, good exchange, and good call.

>   https://bugs.launchpad.net/ubuntu/+bug/410433 n/a

I am not sure how to interpret the bug :-) But, good response, and
correcly closed.

>   https://bugs.launchpad.net/ubuntu/+bug/396439 n/a

Good call.

I also went and looked at some of the other bugs you have touched. All
of those I looked at (I did not look at *all*) show good calls, and
correct posture.

As such, I see no other option:

+1

Thank you for helping.

> 
> Kind regards,

Same

Attachment: signature.asc
Description: This is a digitally signed message part

References

Application of Sense Hofstede
From: Sense Hofstede, 2009-08-11