Bug 732286 - Disable or fix Pastebin function in debug window to protect user data
Status: RESOLVED OBSOLETE
Product: empathy
Classification: Core
Component: General
Version: 3.12.x
Hardware: Other Linux
Importance: Normal major
Target Milestone: ---
Assigned To: empathy-maint
QA Contact: empathy-maint
Reported: 2014-06-26 16:10 UTC by Stephen
Modified: 2018-05-22 16:31 UTC
GNOME target: ---
GNOME version: ---

Attachments

* debug-window: use a #define for the API key (1.59 KB, patch), 2014-08-25 09:43 UTC, Guillaume Desmottes
* debug-window: set an expire date on pastebin upload (1.85 KB, patch), 2014-08-25 09:43 UTC, Guillaume Desmottes
* debug-window: upload logs to pastebin as 'unlisted' (1.48 KB, patch), 2014-08-25 09:43 UTC, Guillaume Desmottes
* debug-window: ask for confirmation before uploading logs to pastebin (1.84 KB, patch), 2014-08-25 09:43 UTC, Guillaume Desmottes

Description Stephen 2014-06-26 16:10:52 UTC
See my comments at https://bugzilla.gnome.org/show_bug.cgi?id=658724#c19 and https://bugzilla.gnome.org/show_bug.cgi?id=658724#c20 on the bug for the original implementation of this button.

At present the button:

* Doesn't warn the user/confirm before sending.
* Posts as a guest user, publicly, with no expiry, allowing only a manual abuse takedown request, which takes up to 24 hours, by which time the page in my case was already crawled by both Google and another bot *designed* to trawl for sensitive data.
* Goes against Pastebin's AUP regarding the posting of sensitive data. In my case it submitted the SIP number I was trying to call, and my SIP user account and endpoint, as well as my local user account name.

Additionally, some bug somehow triggered the button immediately on my opening the debug window, without my clicking it.

I have asked Pastebin to revoke the API key used in Empathy (as mentioned in the other bug) as it is being used in released versions in an inappropriate manner per their AUP. I'd suggest that the responsible thing to do would be for the API key owner (Chandni I believe) to revoke it herself anyway and for a new key to be obtained as and when this feature is modified to fix the above problems.

Comment 1 Guillaume Desmottes 2014-08-25 09:43:35 UTC
Created attachment 284384
debug-window: use a #define for the API key

Comment 2 Guillaume Desmottes 2014-08-25 09:43:39 UTC
Created attachment 284385
debug-window: set an expire date on pastebin upload

We don't want the logs to stay stored forever on pastebin's servers. One month
should be enough.

Comment 3 Guillaume Desmottes 2014-08-25 09:43:43 UTC
Created attachment 284386
debug-window: upload logs to pastebin as 'unlisted'

We only want the people with the link to be able to see the logs.

Comment 4 Guillaume Desmottes 2014-08-25 09:43:47 UTC
Created attachment 284387
debug-window: ask for confirmation before uploading logs to pastebin
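
The mitigations named in the attachments above (confirmation before upload, 'unlisted' visibility, one-month expiry), sketched as an added example; it is not part of this bug thread and not Empathy's code. The function names and the key value are hypothetical placeholders, and the `api_*` field names are assumed to be the Pastebin API's form parameters.

```c
#include <stdio.h>
#include <string.h>

#define PASTEBIN_API_KEY "PLACEHOLDER_DEV_KEY" /* placeholder, not a real key */
#define PASTE_UNLISTED   "1"   /* api_paste_private: 0 = public, 1 = unlisted */
#define PASTE_EXPIRY     "1M"  /* api_paste_expire_date: one month */

/* Percent-encode src into dst; returns bytes written, or -1 if dst is too small. */
static int form_encode(char *dst, size_t cap, const char *src)
{
    static const char hex[] = "0123456789ABCDEF";
    size_t n = 0;
    if (cap == 0)
        return -1;
    for (; *src; src++) {
        unsigned char c = (unsigned char)*src;
        int safe = (c >= 'A' && c <= 'Z') || (c >= 'a' && c <= 'z') ||
                   (c >= '0' && c <= '9') || c == '-' || c == '_' || c == '.' || c == '~';
        if (n + (safe ? 1 : 3) >= cap)   /* keep one byte for the NUL */
            return -1;
        if (safe) {
            dst[n++] = (char)c;
        } else {
            dst[n++] = '%';
            dst[n++] = hex[c >> 4];
            dst[n++] = hex[c & 15];
        }
    }
    dst[n] = '\0';
    return (int)n;
}

/* Build the POST body for an unlisted, expiring paste. Returns its length, or -1
 * if the user has not confirmed or the buffer is too small; callers must not send then. */
int build_paste_form(char *out, size_t cap, const char *log_text, int user_confirmed)
{
    int head, body;
    if (!user_confirmed)        /* fail closed: no consent, no request */
        return -1;
    head = snprintf(out, cap,
                    "api_option=paste&api_dev_key=%s&api_paste_private=%s"
                    "&api_paste_expire_date=%s&api_paste_code=",
                    PASTEBIN_API_KEY, PASTE_UNLISTED, PASTE_EXPIRY);
    if (head < 0 || (size_t)head >= cap)
        return -1;
    body = form_encode(out + head, cap - (size_t)head, log_text);
    return body < 0 ? -1 : head + body;
}
```

Unlisted visibility and an expiry only limit exposure; the log text itself (SIP URIs, account names) still leaves the machine, which is why the confirmation gate comes first.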

Comment 5 GNOME Infrastructure Team 2018-05-22 16:31:08 UTC
-- GitLab Migration Automatic Message --

This bug has been migrated to GNOME's GitLab instance and has been closed from further activity.

You can subscribe and participate further through the new bug through this link to our GitLab instance: https://gitlab.gnome.org/GNOME/empathy/issues/789.