On Mon, Mar 19, 2018 at 03:55:25PM +0000, Matthew Paul Thomas wrote:
> Robie Basak wrote on 19/03/18 13:47:
> > The way I see it, by choosing to log, one is also choosing to make
> > that data public should the user share logs. Since sharing logs is
> > something that is typically done when asking for help on the Internet
> > at large.
>
> If I understand this correctly, the logic is:
>
> 1. People choose whether to log systemd.
>
> 2. Those people, who choose to log systemd, know that "ubuntu-bug
> evolution" (for example) will post JournalErrors.txt publicly.
>
> 3. Those people, who know they're posting JournalErrors.txt publicly,
> also know that it may include confidential information.
>
> Is that right? Because I'd be surprised if *any* of those things is true
> (for more than 10% of that set of people), let alone all three.
No, I think you have the inverse sense of what I intended. I mean that
by the _developer_ choosing to write upstream code such that something
is logged, that developer is also implicitly deciding that the logs may
be made public, because that's how the ecosystem works. So upstreams
should ensure that private information is not logged by default.
> > I conclude that it needs to be decided in tracker upstream if that
> > information should be considered private or not. If it should be
> > private, then it shouldn't be logged by upstream by default.
> >…
>
> This seems to assume that the main use of Ubuntu log files is posting in
> public bug reports and support forums — rather than, say,
> troubleshooting and system administration in corporate IT departments.
> Again, I'd be surprised if that's true.
For a privacy concern, I don't think it matters what the main use is. A
minority use that leads to a leak is still a leak that we should fix.
