#93 ✓released

Common debugging command doesn't protect personal info :(

Reported by Casemon | November 28th, 2011 @ 05:48 PM | in 2013 (closed)

Recently troubleshooting an issue, was asked to run the command given here:

In doing so, was very surprised to see a debug command be so cavalier with spreading my personal info, after asking for my secret PGP password. The command created an email with an embedded log that contained the following:

  • My user name
  • My computer name
  • My public keys
  • My PGP email address
  • Several other email addresses from the GPGMail output

All with no warnings this is being communicated, etc. which seems incongruent with the goal of privacy that these tools have.

Considering the debug command collects so much common info, perhaps it can instead replace what is more or less useless-for-the-purpose-of-debugging personal data before adding it to the log?

I know this issue demands a little more scripting than the current behavior of just collating existing output into a log, but considering the length these tools go to protect privacy, fixing this would be inline with the overall goals, no?

Comments and changes to this ticket

Please Sign in or create a free account to add a new ticket.

With your very own profile, you can contribute to projects, track your activity, watch tickets, receive and update tickets through your email and much more.

New-ticket Create new ticket

Create your profile

Help contribute to this project by taking a few moments to create your personal profile. Create your profile ยป

Organize issues related to http://gpgtools.org

Shared Ticket Bins

People watching this ticket

Referenced by