From: Robby Findler (robby at cs.uchicago.edu)
Date: Tue Sep 2 09:48:07 EDT 2008

Yes, some form of confirmation from the submitter is probably going to
be required. That seems to be the consensus.


On Tue, Sep 2, 2008 at 8:45 AM, Carl Eastlund <cce at ccs.neu.edu> wrote:
> On Tue, Sep 2, 2008 at 9:14 AM, Robby Findler <robby at cs.uchicago.edu> wrote:
>> On Tue, Sep 2, 2008 at 8:12 AM, Carl Eastlund <cce at ccs.neu.edu> wrote:
>>> It would be hard to remove the values that triggered the error without
>>> cutting off most of the useful error message information... for
>>> instance, if your password checking function had the contract:
>>> (-> (matching-password/c your-code) your-sensitive-data/c),
>>> just the name of the input contract might be formatted with your-code
>>> in it.  The contract itself would have to be taken out, leaving not
>>> much information.
>> I wouldn't anonymize that part, no. I also wouldn't anonymize the
>> stacktrace, so if you named a function with your credit card
>> information, you'd also be in trouble.
> I'd also be in trouble if someone else named a contract or function
> with my credit card information.  But the contract is more likely --
> function names tend to be static, but contracts can be named
> dynamically; for instance, a >=/c inside an ->d will include its
> argument in its name.  Not that a lot of Planet code is dealing with
> credit card information these days, but personally I prefer an
> application to ask me before sending data back, and let me see the
> data to decide.  Saving it up and sending it off without asking is
> just looking for trouble.
> Planet code -- some of it anyway -- is licensed such that it can be
> used in proprietary applications.  If we really mean for people to use
> it this way, I'm not sure we have the right to start arbitrarily
> downloading users' data.
> --Carl
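
An added illustration of the point about dynamically named contracts (example code written for this page, not from the thread or the PLT codebase): the `refund` function, its argument names and the values passed to it are made up, and it uses the current `->i` form, which superseded the `->d` mentioned above.

```racket
#lang racket

;; Added example (not from the thread). The contract on `balance` is
;; built at run time from the value of `amount`, so the contract name
;; that appears in a blame message carries that value embedded in it.
(define/contract (refund amount balance)
  (->i ([amount (and/c real? positive?)]
        [balance (amount) (>=/c amount)])
       [result real?])
  (- balance amount))

;; Trigger a violation and capture the message instead of letting it
;; print. `amount` stands in for any sensitive runtime value, in the
;; same way `your-code` did in the password example above.
(define (violation-message)
  (with-handlers ([exn:fail:contract? exn-message])
    (refund 250 100)
    "no violation"))

;; The "expected:" line of the message names the contract as (>=/c 250),
;; so the runtime value has leaked into text that an automatic error
;; reporter would ship along with the stack trace. This is the check a
;; report-scrubbing step would have to perform before anything is sent.
(define (leaks-amount? msg)
  (regexp-match? #rx"\\(>=/c 250\\)" msg))

(leaks-amount? (violation-message))
```

Running the module prints whether the captured blame message contains the literal `(>=/c 250)`; anonymizing the stack trace alone would not remove it.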

