[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[bug#52866] maintenance: Add a crash dump service.
|
From: |
Ludovic Courtès |
|
Subject: |
[bug#52866] maintenance: Add a crash dump service. |
|
Date: |
Tue, 08 Feb 2022 10:53:07 +0100 |
|
User-agent: |
Gnus/5.13 (Gnus v5.13) Emacs/27.2 (gnu/linux) |
Hi,
Mathieu Othacehe <othacehe@gnu.org> skribis:
>> OK (I didn’t know it was already deployed!). What if we just put the
>> uploaded file in a directory and let nginx provide a directory index and
>> all? Anyway, given the target audience, it doesn’t have to be fancy.
>
> Heh, it was deployed for testing purposes and is now just committed. I
> also considered the nginx directory index but I feel like the current
> approach gives us more flexibility.
>
>> The message should allow for informed consent. Thus it should explain
>> what the risks are (“Logs may contain sensitive information such as …”,
>> “Logs are eventually publicly visible, but IP addresses are not logged”,
>> etc.) and/or it should let users screen all the logs.
>
> Josselin did add the possibility to consult and edit the log files
> before creating the crash dump.
>
>> As discussed the other day on IRC, to make sure the backtrace does not
>> contain passwords, we could define a record type for “secrets”, which
>> would basically just “box” strings such as passwords. That record
>> type’s printer would just print #<secret 0123abcd>. See
>> <file-system-label> for an example.
>
> Also implemented by Josselin.
Well done, thank you!
Ludo’.