Bug#943716: systemd: generates a directory name with the /etc/machine-id value, which is confidential
Michael Biebl
biebl at debian.org
Tue Oct 29 07:25:51 GMT 2019
Am 29.10.2019 um 08:21 schrieb Michael Biebl:
> Am 29.10.2019 um 02:25 schrieb Vincent Lefevre:
>
>> Note also that the same paragraph recommends to use a hash as a
>> stable unique identifier. But since this is meant to be stable
>> and unique, this would also allow the machine to be tracked if
>> such a hash is exposed on the network. So the reason you give
>> is obviously wrong.
>
> This API (sd_id128_get_machine_app_specific) was added to selectively
> allow tracking (say for popcon like cases) but wouldn't allow to get the
> original machine-id.
> If you used the original machine-id for such a use case, it would mean
> you could correlate the data for other ussage scenarios as well, which
> could be problematic.
>
https://lwn.net/Articles/776327/ , if you want to read more about it
--
Why is it that all of the instruments seeking intelligent life in the
universe are pointed away from Earth?
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 819 bytes
Desc: OpenPGP digital signature
URL: <http://alioth-lists.debian.net/pipermail/pkg-systemd-maintainers/attachments/20191029/17d537a1/attachment.sig>
More information about the Pkg-systemd-maintainers
mailing list