ProcMaps.txt may contain private information such as username

Bug #1029189 reported by Fred on 2012-07-25
16
This bug affects 1 person
Affects Status Importance Assigned to Milestone
apport (Ubuntu)
High
Unassigned

Bug Description

The ProcMaps.txt file that gets uploaded to Launchpad may contain private information such as username that can be obtained from the path of the home directory.

7fbd44c33000-7fbd44c34000 r--s 00000000 08:01 1306557 /home/alice/.local/share/mime/mime.cache

Related branches

security vulnerability: no → yes

All bugs that contain ProcMaps.txt (and also other similar files) are initially private. And private bugs must be checked from a bug control member before going public.

Could you please explain the problem better? Specifically: do you think that Apport is not doing the right thing? Or have you found a public bug containing sensible information?

Thank you in advance.

Changed in apport (Ubuntu):
status: New → Incomplete
Changed in launchpad:
status: New → Invalid
Fred (eldmannen+launchpad) wrote :

Yes, I believe Apport is not doing the right thing.
I have not searched for any public bugs containing sensitive information.

But I noticed ProcMaps.txt containing the username, which some may consider private.
I would suggest that Apport scrub it.

So if my username is 'alice' it replace it with 'foobar', 'ubuntu', '<scrubbed>', 'anonymous' or something.

Curtis Hovey (sinzui) on 2012-07-26
no longer affects: launchpad

Bug reports created by Apport may containing a variety of sensible information -- from user names to credit card numbers. If you think that ProcMaps.txt is leaking private information, than don't look at the other files! :-)
Well, jokes apart, all potentially sensible information uploaded is always secured and reviewed by experienced and competent people. When real sensible information are found, they are removed before a bug report is made public. There are well-established procedures used to deal with such cases.

If you would like to have more information about the procedures used and the people involved, please read the following pages, they are a good start:

https://wiki.ubuntu.com/Bugs/HowToTriage
https://wiki.ubuntu.com/UbuntuBugControl

If you still have suggestions or comments about the procedures and tools we use, then it's better to continue the discussion on the bugsquad mailing list: https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugsquad. I'm invalidating the bug, as this is really not the right place to discuss.

Changed in apport (Ubuntu):
status: Incomplete → Invalid
Fred (eldmannen+launchpad) wrote :

Good that there are well-established procedures used to deal with such cases.

But I don't even want experienced and competent people to be able to see my private username when they review it.
I want it scrubbed/anonymized.

Rohan Garg (rohangarg) on 2012-07-27
visibility: public → private
visibility: private → public
Brian Murray (brian-murray) wrote :

Apport does try to anonymize the ProcMaps.txt attachment, http://bazaar.launchpad.net/~ubuntu-core-dev/ubuntu/quantal/apport/ubuntu/view/head:/apport/report.py#L1294, and is failing for some reason. This should be investigated and is an issue.

Changed in apport (Ubuntu):
importance: Undecided → High
status: Invalid → Triaged
Martin Pitt (pitti) wrote :

Apport currently doesn't consider ProcMaps in anonymization, as for non-/home paths we depend on having correct path names. But I have an idea how to anonymize this less aggressively: one could first check if the path belongs to a packaged file, and anonymize it only if it isn't.

information type: Public Security → Public
Fred (eldmannen+launchpad) wrote :

This bug important is marked as high and it has been years and this issue has still not been resolved.

There could be a search-and-replace on $USER.
There could also be a search-and-replace on /home/*/

To post a comment you must log in.
This report contains Public information  Edit
Everyone can see this information.

Other bug subscribers