[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: Smolt and software information



Am Freitag, den 09.11.2007, 12:18 -0500 schrieb Yaakov Nemoy:
> On Nov 9, 2007 11:53 AM, nodata <lsof nodata co uk> wrote:
> > > 2) Are there any privacy concerns?  Remember smolt is voluntary, and
> >
> > A loaded question!
> >
> > > so far we don't link any information to machines other than a single
> > > UUID that is privately stored.
> >
> > Sometimes it *is* useful to give out a smolt UUID to let someone (e.g. a
> > kernel developer) get at hardware information for a bug report. That's
> > okay. If you then "extended" smolt to give out more information (it
> > won't stop here btw), then some of those people won't provide that
> > information any more, unless they can choose which information they
> > send.
> 
> We do know about some of the standing privacy concerns, but
> implementing the solutions is more a time issue.  I have winter break
> from school in about six weeks, so I'll have a month of cold weather
> to inspire some good smolt hacking.  Until then, I'm just going over
> an idea brought up.
> 
> Access controls on the UUID script - Probably a trivial patch to make
> it root readable only.  I should probably file a bug on it.

Done: https://bugzilla.redhat.com/show_bug.cgi?id=373211

> 
> Selective information submission - Probably also a good idea, though
> the implementation is less than trivial.
> 
> Giving out a secondary UUID that has access controls applied - In our
> bug reports, the solution is far from trivial, and the number one
> thing to do as soon as the semester is over.
> 
> We're always listening for ideas about security and privacy, of
> course, if you have more good points. :)
> 
> Cheers,
> Yaakov
> 


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]