You are not logged in.
Hi Everybody,
I forced a cored dump of Xorg in an attempt to try and trace down a bug that I suspect affects the xf86-video-intel driver, I'd like to post it online so I can link to it from the freedesktop.org bug-tracker, but I'm a little concerned whether anyone could recover anything I wouldn't want them to be able to know from the Xserver.
For example, if I was running keychain in some terminal emulators, would they be able to get my ssh key passphrase? Are there other things like this I should be concerned about?
Or are things like this so hard to reverse enginerring from just an Xserver core dump that I shouldn't worry?
Thanks in advance for your time in replying, I did google a bit but all I could find was stuff on the security implications of enabling core dumps, not on posting the to the web.
Offline
Since X doesn't have your passphrase, it can't put it into any core dumps. About the only private data X has inside it that I can think of it the xauth key, but that changes every time you restart X, so it's already expired anyway.
You can always try running "strings" on the core dump and looking for anything bad.
Offline
Thanks, I tried a pass with strings, but there's just so much data, I'll probably just give up and post it.
Offline