On 11/14/2013 09:25 AM, Leonid Moiseichuk wrote:
> Crash Reporting proposal for Tizen
Quite insightful document. Thank you!
> 3. Collector:crash - this part is activated in the moment of application crash
> through kernel interface available by /proc/sys/kernel/core_pattern. The
> core
> dump in elf format from crashed application comes at stdin (fd 0), so the
> following information should be pushed to uploading:
...
> = core file, which could be
...
> * in full format as it generated by kernel if application is in
> special
> exceptional list due to sometimes reduced core is not enough, so
> we have to use full version which will have size as VM (up to 2-3
> GB)
> = maybe has sense to save contents of directly opened files from
> /proc/self/fd
> - system runtime information like
> = User inputs recorded by evemu for last 5-60 minutes from
> /dev/input/event*
> which could be used to replay key sequence later
Above are likely to contain a lot of private information - PINs,
passwords included, right? fds will in turn contain references
to pictures with questionable content. Unfiltered core will include
it all.
I would be highly reluctant about sending such information to 3rd
party server ("Analyzer server"). Encryption doesn't help - such
information should not be leaked outside of customer device IMHO.
> Connector
> The Settings to uploader should control the following options:
...
> - list of applications (not from blacklist) which should be reported without
> core reduction
It would be nice to either note privacy implications of turning
on settings like above, or have separate knob that would allow
tuning "privacy" to desired level.
Cheers
Karol
_______________________________________________
Dev mailing list
[email protected]
https://lists.tizen.org/listinfo/dev
