bug-reportingSecurity
Sometimes, when info is being collected by ubuntu-bug (either automatically following a program crash or by manually calling it) the following dialog pops up:
Should I include these files or not? What is "dangerous" about someone else know my computer's hostname?
Technically, ubuntu-bug just logs the crash report locally. A separate program, whoopsie, watches for logged reports and uploads them to a central database, where they're automatically grouped to identify overarching problems.
The resulting data is displayed on the Ubuntu error tracker:
Aggregate trends are publicly available, and report details are available to trusted developers. More details are available on the Ubuntu Wiki.
By default, ubuntu-bug doesn't open bugs on Launchpad for crash reports in stable releases, but you can configure it to if you want. After making that change, you can open a bug for an existing crash report by running ubuntu-bug /var/crash/foo.crash.
You are not alone... This is a confirmed bug and I must add a VERY annoying bug.
In theory it has been fixed by late 2013 but at least in my case, even after update/upgrade my box was still displaying the same behaviour.
In my case the only way of fixing it was to follow the work-around documented under the same bug:
Comment xubuntu in /etc/upstart-xsessions and voilà!
Best Answer
The software uses several data sources for a bug report. One such source is your user environment. This is the content of the file
/proc/PID/envwherePIDis the process ID of a specific process. In the case of a networking program this might reveal to which servers you are connected. Some software allows it to enter a password as commandline option.Also a hostname can be sensitive. Just assume you are working inside a company. The fact itself that you're working there, could be revealed through a hostname and might be sensitive.
So in many cases a hostname will not sensitive per se, but with additional information it can easily get sensitive or sometimes dangerous.
The error message is just a reminder for you to reflect if your hostname or other information are worth being protected. If no, all is OK. If yes, you should modify the report.