[Reportbug-maint] Bug#576828: reportbug should warn reporter on about to be sent text including passwords
Arthur Marsh
arthur.marsh at internode.on.net
Wed Apr 7 15:01:00 UTC 2010
Package: reportbug
Version: 4.11
Severity: wishlist
Hi, it would be a good idea for reportbug to warn of or by default
strip passwords from report messages including attached files (e.g.
text on the same line as a case insensitive match on password) as
Google indexes Debian bug reports very quickly and it would be
trivial to use Google to harvest passwords inadvertently included
in a bug report.
-- Package-specific info:
** Environment settings:
INTERFACE="text"
** /home/amarsh04/.reportbugrc:
reportbug_version "3.5"
mode standard
ui text
realname "Arthur Marsh"
email "arthur.marsh at internode.on.net"
-- System Information:
Debian Release: squeeze/sid
APT prefers unstable
APT policy: (500, 'unstable'), (500, 'testing'), (500, 'stable')
Architecture: i386 (i686)
Kernel: Linux 2.6.32 (SMP w/1 CPU core; PREEMPT)
Locale: LANG=en_AU.UTF-8, LC_CTYPE=en_AU.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/bash
Versions of packages reportbug depends on:
ii apt 0.7.25.3 Advanced front-end for dpkg
ii python 2.5.4-9 An interactive high-level object-o
ii python-reportbug 4.11 Python modules for interacting wit
reportbug recommends no packages.
Versions of packages reportbug suggests:
ii debconf-utils 1.5.30 debconf utilities
pn debsums <none> (no description available)
pn dlocate <none> (no description available)
ii emacs22-bin-common 22.3+1-1.2 The GNU Emacs editor's shared, arc
ii exim4 4.71-4 metapackage to ease Exim MTA (v4)
ii exim4-daemon-light [ 4.71-4 lightweight Exim MTA (v4) daemon
ii file 5.04-2 Determines file type using "magic"
ii gnupg 1.4.10-3 GNU privacy guard - a free PGP rep
ii python-gtk2 2.16.0-2 Python bindings for the GTK+ widge
pn python-gtkspell <none> (no description available)
pn python-urwid <none> (no description available)
ii python-vte 1:0.24.0-1 Python bindings for the VTE widget
ii xdg-utils 1.0.2+cvs20100307-1 desktop integration utilities from
-- debconf-show failed
More information about the Reportbug-maint
mailing list