[Fedora-legal-list] Privacy policy
Jakub Filak
jfilak at redhat.com
Wed Jan 14 14:29:50 UTC 2015
On Wednesday 14 of January 2015 15:18:00 Florian Weimer wrote:
> On 01/14/2015 02:27 PM, Marek Brysa wrote:
> > Hi Matthias and Florian,
> >
> > I wasn't subscribed to the list so I can't reply directly to the thread.
> >
> > The data contained in the automatic bug report (uReport) is described
> > here:
> > https://github.com/abrt/faf/wiki/uReport
> > It was designed with anonymity as a requirement and doesn't contain any
> > user sensitive data, only a simple backtrace and some statistical info
> > like OS version and related package versions. We don't save IP addresses
> > where the reports are coming from.
>
> The current upload process does not ensure anonymity because of all the
> logging the Fedora infrastructure does. Both the dialog text and the
> policy need to reflect that. (ureport uploaders are likely
> pseudonymous, at least as long only paths which are part of the OS
> installation are reported.)
>
> > Reporting to Bugzilla may contain sensitive data (coredump), but is
> > manual, for advanced users only and the user is required to do a review
> > of the data.
> Even the process environment may contain sensitive data. Only in rare
> cases, it will be totally anonymous before manual scrubbing by the user.
Sure, but ABRT *NEVER* reports automatically to Bugzilla.
Correct me if I am wrong, but it is NOT expected that the reporting to
Bugzilla is anonymous.
Jakub
More information about the legal
mailing list