lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <20130821151302.GA9071@nazgul.tnic>
Date:	Wed, 21 Aug 2013 17:13:02 +0200
From:	Borislav Petkov <bp@...en8.de>
To:	Dave Jones <davej@...hat.com>
Cc:	Anton Arapov <anton@...hat.com>, Theodore Ts'o <tytso@....edu>,
	Greg KH <gregkh@...uxfoundation.org>,
	ksummit-2013-discuss@...ts.linuxfoundation.org,
	linux-kernel@...r.kernel.org
Subject: Re: [ATTEND] oops.kernel.org prospect

On Tue, Aug 20, 2013 at 08:37:48AM -0400, Dave Jones wrote:
> abrt used to have a free-form entry like this. What happened is users
> have no idea what to type in there, so you end up with bugs containing
> things like "don't know" or worse, some crazy moon language you can't
> even read.

Prepend the entry with an informative question maybe:

"Enter bug reproduction information here:"

> Two things worth noting here, are 1) the original kerneloops also
> didn't collect anything like this, and was still very useful, and
> 2) for the more common issues (which let's face it, are going to be
> the only things people really look at) chances are pretty high that
> there's going to be someone also reporting it on lkml, or in a distro
> bug tracker.

Ok.

> What might be useful however, is collecting things like
> dmi/lspci/lsusb etc and _asking_ the user if they're ok with including
> them at time of filing. We might scare off some of the more paranoid
> OMGMYSECRETDATAS users, but chances are high most people won't care.
> This requires the client to have a UI though, which aiui, it currently
> doesn't. Anton?

Definitely a step in the right direction.

> We might also ask if they want to provide an email address for
> feedback, but that leads to a bunch of questions about how we expose
> that to developers without exposing it to spambots.

Right.
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ