Do not send any paths that are not part of RPM package

[mmilata]

See abrt/abrt#608 for an example.

We should probably mark the report as invalid and not send it.

[jfilak]

Are you sure that we want to implement such a feature in satyr? What are the pros and cons of implementing this in satyr? I would rather implement it in ABRT and keep satyr as simple as it is possible. Users may realize that they need to send even these paths and ABRT already has a configuration option ("OpenGPGCheck") for this purpose.

[mmilata]

Idea: provide a function like

bool sr_report_check_paths(struct sr_report, bool (*path_callback)(const char *path, void *data), void *data);

that would return true if path_callback returned true for all paths in the report. The path_callback could e.g. check whether the path belongs to an RPM.

Consider:

• Would it make sense to also allow to anonymize the path instead of rejecting it altogether? E.g. for /home/username/.app/plugin.so could be anonymized to something like /home/<censored>.
• Are there other kinds of data that should be checked against a whitelist apart from filesystem paths?

[mtoman]

FAF has a KB response for /home/.* and /usr/local/.* and I don't se why it shouldn't collect such reports. We maybe don't want to send such reports to Bugzilla, but that's ABRT's / libreport's job.

[mmilata]

My concern is about anonymity, paths can contain sensitive information (e.g. /home/flastname/horse_porn.avi).

We currently send paths only as part of a backtrace so there's probably little chance of leaking some kind of sensitive path. Nevertheless we state that the reports are anonymous and I think we should be more careful about what we send.