Users might share BDB database/*.log files thinking they are logs and leak private keys. #9769

issue gmaxwell openend this issue on February 15, 2017
  1. gmaxwell commented at 7:07 pm on February 15, 2017: contributor

    After asking someone on IRC for their debug.log file today they pastebinned one of their BDB ’logs’. (In this case it didn’t appear to contain any key material, fortunately.)

    We should rename these things to make this error less likely in the future, at a minimum putting the environment in a directory named ‘walletdatabase’ would be a big improvement.

    It may have been a factor that their error said something about that BDB file, which further encouraged them to paste it… if so I’m not sure how much we can do there.

  2. jnewbery commented at 10:18 pm on February 15, 2017: member
    How about a dump_diags() RPC that dumps all non-sensitive data and log files into a tar file? Asking average users to go through the data directory is always going to be risky.
  3. fanquake added the label Privacy on Feb 16, 2017
  4. laanwj commented at 7:34 am on February 16, 2017: member

    This is certainly an issue, but I’d say that whatever new format that is going to be used for the wallet should fix this in one go. Going through an intermediate phase in renaming files, which may break forward/backward compatibility anyway with the lousy old BDB 4.8 really isn’t worth it in my opinion at least.

    How about a dump_diags() RPC that dumps all non-sensitive data and log files into a tar file? Asking average users to go through the data directory is always going to be risky.

    Most of the time people will be sending their debug.logs because they can’t run the client anymore. A RPC call to collect information would help little. An external tool may help, and would be easy if it wasn’t for Windows.

  5. gmaxwell commented at 4:41 am on February 20, 2017: contributor
    We could make a dummy file in the database directory? “All_files_in_this_directory_could_contain_wallet_secrets.txt”
  6. laanwj commented at 10:43 am on February 24, 2017: member
    Yes, that makes sense.
  7. JeremyRubin commented at 7:22 pm on February 24, 2017: contributor
    I would make sure to include something on how to back up – if all files contain secrets do I need back up all the files in that directory? Could see a lot of users being confused by that.
  8. laanwj commented at 9:22 am on February 25, 2017: member
    It should be necessary only to backup wallet.dat.
  9. MarcoFalke commented at 11:09 pm on March 23, 2018: member

    We should rename these things to make this error less likely in the future, at a minimum putting the environment in a directory named ‘walletdatabase’ would be a big improvement.

    This has been done. I think the issue can be closed.

  10. fanquake closed this on Mar 23, 2018
  11. MarcoFalke locked this on Sep 8, 2021


gmaxwell jnewbery laanwj JeremyRubin MarcoFalke

Labels
Privacy

github-metadata-mirror

This is a metadata mirror of the GitHub repository bitcoin/bitcoin. This site is not affiliated with GitHub. Content is generated from a GitHub metadata backup.
generated: 2024-07-01 10:13 UTC
This site is hosted by @0xB10C
More mirrored repositories can be found on mirror.b10c.me