RetraceServer security [Re: abrt wishlist]

Jiri Moskovcak jmoskovc at
Tue Dec 14 10:06:43 UTC 2010

On 12/14/2010 03:51 AM, Jan Kratochvil wrote:
> On Thu, 09 Dec 2010 17:10:49 +0100, David Malcolm wrote:
>> Another gratuitous me too, see:
> Detailed description:
> [...] User sends the coredump [...]
> Do you intend to make it default for Fedora?

- not decided yet, but I'm thinking about something user friendly like 
dialog saying:

How do you want to generate the backtrace?
1. Locally (will download XY MB of debuginfo and you need gdb and etc..)
2. I want to use the RS (WARNING!!: will upload the core file which may 
contain a sensitive data, but provides a better backtrace)
3. I need to ask my older brother, so cancel the reporting ...

> So far I thought it is not acceptable and in many cases my request in BZ for
> a core dump was refused by a user due to security concerns.

- some people won't send it some will.. When I can't reproduce the bug 
and user doesn't want to send me the core, then sorry -> CLOSED 
INSUFF_INFO what else can you do?

> OTOH the system binaries are already provided by the Fedora project and if the
> retrace server infrastructure has the same security as Koji servers the
> security level stays the same.

- exactly if we want to get user's private data there is many easier 
ways then to build a server and write a special app for it...

But the core definitely won't be uploaded without making sure that user 
understands what he is about to upload, as we don't want to get under 
the same critic as one of the well known operating system developer :)


More information about the devel mailing list