Add %SystemRoot% to whitelisted paths for PreparePathForTelemetry
Categories
(Core :: Widget: Win32, task)
Tracking
()
Tracking | Status | |
---|---|---|
firefox70 | --- | fixed |
People
(Reporter: bugzilla, Assigned: bugzilla)
References
Details
Attachments
(2 files)
47 bytes,
text/x-phabricator-request
|
Details | Review | |
6.53 KB,
text/plain
|
chutten
:
data-review+
|
Details |
This is another directory that we may consider "safe," and since many DLLs are loaded from there, we should allow paths beginning with %SystemRoot%
.
Assignee | ||
Comment 1•4 years ago
|
||
Until now, WinUtils::PreparePathForTelemetry
did not whitelist paths
originating from the Windows system directory. This is unfortunate, as those
paths are not going to contain any PII yet may be useful for troubleshooting.
By adding %SystemRoot%
to the whitelist, such paths will be included after
substituting the real system directory with the name of the environment
variable.
I also took this opportunity to do some cleanup in the way the array of
whitelist entries is managed.
Assignee | ||
Comment 2•4 years ago
|
||
Since this adds an additional whitelisted path to untrusted modules telemetry, I am submitting the untrusted modules data review request, augmented to reflect the changes in this patch.
Comment 3•4 years ago
|
||
Comment on attachment 9087142 [details] Revised data review DATA COLLECTION REVIEW RESPONSE: Is there or will there be documentation that describes the schema for the ultimate data set available publicly, complete and accurate? Yes. This collection is documented in [the in-tree documentation](https://firefox-source-docs.mozilla.org/toolkit/components/telemetry/telemetry/data/untrusted-modules-ping.html). Is there a control mechanism that allows the user to turn the data collection on and off? Yes. This collection is Telemetry so can be controlled through Firefox's Preferences. If the request is for permanent data collection, is there someone who will monitor the data over time? Yes, aklotz and tkikuchi are responsible. Using the category system of data types on the Mozilla wiki, what collection type of data do the requested measurements fall under? Category 1, Technical. Is the data collection request for default-on or default-off? Default on for pre-release channels only. Does the instrumentation include the addition of any new identifiers? No. Is the data collection covered by the existing Firefox privacy notice? Yes. Does there need to be a check-in in the future to determine whether to renew the data? No. This collection is permanent. --- Result: datareview+
Updated•4 years ago
|
Updated•4 years ago
|
Pushed by aklotz@mozilla.com: https://hg.mozilla.org/integration/autoland/rev/5620905b3997 Add SystemRoot to whitelisted paths for WinUtils::PreparePathForTelemetry; r=mhowell,chutten
Comment 5•4 years ago
|
||
bugherder |
Description
•