[plt-scheme] planet: help submitting bugs & a question

From: Carl Eastlund (cce at ccs.neu.edu)
Date: Tue Sep 2 09:45:45 EDT 2008

On Tue, Sep 2, 2008 at 9:14 AM, Robby Findler <robby at cs.uchicago.edu> wrote:
> On Tue, Sep 2, 2008 at 8:12 AM, Carl Eastlund <cce at ccs.neu.edu> wrote:
>>
>> It would be hard to remove the values that triggered the error without
>> cutting off most of the useful error message information... for
>> instance, if your password checking function had the contract:
>> (-> (matching-password/c your-code) your-sensitive-data/c),
>> just the name of the input contract might be formatted with your-code
>> in it.  The contract itself would have to be taken out, leaving not
>> much information.
>
> I wouldn't anonymize that part, no. I also wouldn't anonymize the
> stacktrace, so if you named a function with your credit card
> information, you'd also be in trouble.

I'd also be in trouble if someone else named a contract or function
with my credit card information.  But the contract is more likely --
function names tend to be static, but contracts can be named
dynamically; for instance, a >=/c inside an ->d will include its
argument in its name.  Not that a lot of Planet code is dealing with
credit card information these days, but personally I prefer an
application to ask me before sending data back, and let me see the
data to decide.  Saving it up and sending it off without asking is
just looking for trouble.

Planet code -- some of it anyway -- is licensed such that it can be
used in proprietary applications.  If we really mean for people to use
it this way, I'm not sure we have the right to start arbitrarily
downloading users' data.

--Carl


Posted on the users mailing list.