bug imports create new users with non-hidden email addresses

Bug #700483 reported by Peter Clifton
This bug affects 1 person
Affects: Launchpad itself
Status: Triaged
Importance: High
Assigned to: Unassigned
Milestone:

Bug Description

When importing bugs, "dummy" users are created which point to the user's email address from the bug import.

When accessing the "dummy" user account, clicking the "Are you <username>?" link, and then clicking through the continue button, Launchpad tells you what email address it sent the confirmation code to.

Whilst this may be useful to debug mail delivery problems, it is a potential leak of user information which might be useful to spammers.

Tags: easy privacy
Peter Clifton (pcjc2) wrote :

The link which results in the link is found from this page:

https://launchpad.net/people/+requestmerge?field.dupe_person=<username>

Curtis Hovey (sinzui) wrote :

I am not sure this is a bug. Merge does not show addresses that are marked as hidden to Lp users. Merge shows addresses that are public to Lp users. Anonymous users can never see email addresses.

Changed in launchpad:
status: New → Incomplete
Peter Clifton (pcjc2) wrote :

Launchpad is showing the email address of an account which was created during a bug import by an administrator, not one the user has told Launchpad about themselves, or set privacy status for.

I was asked to file this bug by lifeless, but we weren't sure what the desired trade-off is between information provided to debug the mail delivery and information leaks.

summary: - Email address leaked by account merge request
+ bug imports create new users with non-hidden email addresses
Changed in launchpad:
status: Incomplete → Triaged
importance: Undecided → High
tags: added: privacy
Henning Eggers (henninge) wrote :

Isn't the information imported from other bug trackers public to start with? Or could the import be pulling in data that is protected on the remote system? If the email address is public anyway, there is no need for us to make efforts to hide it.

Robert Collins (lifeless) wrote : Re: [Bug 700483] Re: bug imports create new users with non-hidden email addresses

Bug imports are done from bug database exports - yes, we have access
to nonpublic data.

Robert Collins (lifeless) wrote :

All we have to do is set the right permission on the email, and make the template not show the address. Admins can still look at it if needed for debugging.

tags: added: easy
This report contains Public information  
Everyone can see this information.
