ABRT in the comps group 'standard'

[Jiri Moskovcak]

On 12/06/2013 04:07 PM, Ralf Corsepius wrote:
> On 12/06/2013 02:45 PM, Michal Toman wrote:
>> On 06.12.2013 14:34, Ralf Corsepius  wrote:
>>> On 12/06/2013 02:14 PM, Jiri Moskovcak wrote:
>
>> ABRT does not send *any* information unless you agree to do it. Not even
>> the anonymous reports. It is true that the settings could be in Anaconda
>> and I think it belongs in there. But at the very moment this is not
>> happening, so ABRT asks you on first launch. It is not ABRT's fault that
>> the majority of users blindly clicks "Next, Next, Next" and enables the
>> automatic sending.
>>
>> Additionally, if you want to prevent business information leak, do not
>> connect your machines directly to the Internet.
> I am talking not talking about highsecurity machines. I am talking about
> abrt passing on password, ips, filenames etc,
>
>  > This approach has been
>> working perfectly for many years and I don't think much has changed in
>> that area lately.
> There were reports of abrt sending out private and confidential
> information to the net and reports of abrt sending reports without
> inspection.
>

- were are those reports?

> I've seen the later happening to myself. I've seen many crashes of abrt
> itself - I.e. abrt is not working perfectly at all.
>

- that's interesting observation and quality indicator, because I've 
seen the following components crash a lot:

- gnome-shell
- blueman
- kernel
- pulseaudion
- firefox
- tracker
- nautilus
......< quite a long list of other components> .....

- so ABRT doesn't seem to perform any worse than the other components in 
Fedora...

> To cut a long story short: To me, abrt the plague: As a user, as a
> package maintainer and as sysadmin.
>

To cut the long story short - Thank you very much for your specific 
examples of such behavior, it's very helpful and the ABRT devels can 
react properly and fix these problems.

--Jirka

> Ralf
>
>