4 Replies
      Latest reply on Jan 14, 2019 10:17 AM by dmaclach
      dmaclach Level 1 Level 1 (0 points)

        If I have a string in an os_signpost_* call that is not marked public such as:

         

        os_signpost_interval_begin(log, my_id, "name", "myName: %s", myName);

         

        what is actually able to see that? It appears to be showing up visible in Instruments just fine without any special effort on my part. The documentation I can find on os_signpost (and os_log for that matter) is incredibly vague about exactly how privacy works, and especially for doing instruments you often need configurable strings.

        • Re: Privacy in os_signpost logs
          cwoolf Apple Staff Apple Staff (30 points)

          I believe string constants are allowed to pass through.  Is "myName" ultimately pointing at a string constant?

            • Re: Privacy in os_signpost logs
              dmaclach Level 1 Level 1 (0 points)

              hmmm... in this case "myName" is actually class_getName([self class]);

                • Re: Privacy in os_signpost logs
                  cwoolf Apple Staff Apple Staff (30 points)

                  Seems like that could be encoded in a constant string section of the binary.  Generally speaking, logging does its best to log as much information as possible, but will stop short if there is a risk of leaking personal information.  Numbers are generally safe, and I think string constants are, but strings on the heap are not.  If you have a string that you know doesn't leak personal information, then you should as a habbit mark it as public.

                    • Re: Privacy in os_signpost logs
                      dmaclach Level 1 Level 1 (0 points)

                      Interestingly if I mark the string as "private" (%{private}s) it still shows up in instruments. What actually controls whether or not private strings are emitted?

                       

                      I want developers to be able to see these strings, but I really don't want people to be able to log them when we release our app. In C/C++ I could possible define them out with the preprocessor (although I hate doing this), but I really don't have a great solution for our swift code.