Tumbler privacy issues
Bug #1334469 reported by
Matiss Treinis
This bug affects 1 person
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
tumbler (Ubuntu) |
New
|
Undecided
|
Unassigned |
Bug Description
By default Tumbler is not limited to user's home directory nor there is expiry mechanism for thumbnails to expire automatically. Tumbler also saves all the thumbnails from removable drives by default.
This functionality should be addressed as a security and privacy concern, because by evaluating contents of the .thumbnails one is able to get an idea on what's is and have been stored on the computer, and even remote media.
To post a comment you must log in.
Thanks for taking the time to report this bug and helping to make Ubuntu better. We appreciate the difficulties you are facing, but this appears to be a "regular" (non-security) bug. I have unmarked it as a security issue since this bug does not show evidence of allowing attackers to cross privilege boundaries nor directly cause loss of data/privacy. Please feel free to report any other bugs you may find.