Bug 420127

Summary: Vault thumbnails generated and stored insecurely!!!
Product: [Unmaintained] Plasma Vault
Reporter: Keith <keithhacks-kdebug>
Component: general
Assignee: Ivan Čukić <ivan.cukic>
Status: RESOLVED DUPLICATE
Severity: major
CC: nate
Priority: NOR
Version First Reported In: unspecified
Target Milestone: ---
Platform: Neon
OS: Linux
Latest Commit:
Version Fixed/Implemented In:
Sentry Crash Report:

Description Keith 2020-04-15 17:18:22 UTC
SUMMARY
Thumbnails are generated inside Plasma Vaults and stored in the insecure ~/.cache/thumbnails and ~/.thumbnails directories, but are not shown to the user.

STEPS TO REPRODUCE
1. Create a Vault and add some photos to it.
2. Refresh Dolphin, maybe navigate out of and back into the Vault.
3. Open Gwenview, toggle between Browse and View, and open and close the Thumbnail Bar.
4. Close the Vault.
5. I'm not sure which actions caused it, but in ~/.cache/thumbnails and/or ~/.thumbnails, there should be files with an EXIF ThumbURI corresponding to the files inside the Vault. You can use this script to locate them:

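#!/bin/bash
# List cached thumbnails whose Thumb URI points inside the Vault mount point.
VAULT_MOUNT="$HOME/Vaults"
find "$HOME/.cache/thumbnails" "$HOME/.thumbnails" -type f | while IFS= read -r FILE; do
    # exiftool prints "Thumb URI : <uri>"; keep only the value.
    TAG=$(exiftool -ThumbURI "$FILE")
    URI="${TAG#* : }"
    if [[ $URI == *"$VAULT_MOUNT"* ]]; then echo "$FILE: $URI"; fi
done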

OBSERVED RESULT
Thumbnails of files within the Vault are stored UNENCRYPTED, OUTSIDE THE VAULT!!! Dolphin does not display these thumbnails, which may mislead users into thinking thumbnails aren't being generated.

EXPECTED RESULT
Applications should either store thumbnails inside the Vault, or not generate them at all. Ideally, users should be able to select which of these behaviors they prefer.

SOFTWARE/OS VERSIONS
Windows: 
macOS: 
Linux/KDE Plasma: KDE Neon 5.18 User Edition, kernel 4.18.0-25-generic
(available in About System)
KDE Plasma Version: 5.18.4
KDE Frameworks Version: 5.69.0
Qt Version: 5.14.1

ADDITIONAL INFORMATION
Comment 1 Nate Graham 2020-04-15 18:07:33 UTC

*** This bug has been marked as a duplicate of bug 420130 ***
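
The thumbnail check from the description, as an added example that is not part of the original report or of any KDE code: it reads the Thumb::URI text chunk directly from each cached PNG, percent-decodes it, and matches on path components so that encoded names (such as "My%20Vault") are found and sibling directories (such as "Vaults-old") are not. It assumes the cache follows the freedesktop thumbnail convention of PNG files with a Thumb::URI tEXt chunk; the function names and the sample thumbnail builder are constructed for illustration.

```python
import struct
import zlib
from pathlib import Path
from urllib.parse import unquote, urlparse

PNG_MAGIC = b"\x89PNG\r\n\x1a\n"

def thumb_uri(png_bytes):
    """Return the Thumb::URI tEXt value of a PNG thumbnail, or None."""
    if not png_bytes.startswith(PNG_MAGIC):
        return None
    pos = len(PNG_MAGIC)
    while pos + 8 <= len(png_bytes):
        length, ctype = struct.unpack(">I4s", png_bytes[pos:pos + 8])
        data = png_bytes[pos + 8:pos + 8 + length]
        if ctype == b"tEXt":
            key, _, value = data.partition(b"\0")
            if key == b"Thumb::URI":
                return value.decode("latin-1")
        if ctype == b"IEND":
            break
        pos += 12 + length  # 4 length + 4 type + data + 4 CRC
    return None

def leaked_thumbnails(cache_dirs, vault_mount):
    """List (thumbnail, original) pairs whose original lies under vault_mount."""
    vault = Path(vault_mount)
    hits = []
    for cache in cache_dirs:
        if not Path(cache).is_dir():
            continue  # e.g. the legacy ~/.thumbnails may not exist
        for thumb in sorted(Path(cache).rglob("*.png")):
            uri = thumb_uri(thumb.read_bytes())
            if not uri or urlparse(uri).scheme != "file":
                continue
            original = Path(unquote(urlparse(uri).path))
            if original == vault or vault in original.parents:
                hits.append((thumb, original))
    return hits

def make_thumb(uri):
    """Constructed sample data: a minimal PNG carrying only a Thumb::URI chunk."""
    def chunk(ctype, data):
        crc = struct.pack(">I", zlib.crc32(ctype + data))
        return struct.pack(">I", len(data)) + ctype + data + crc
    return PNG_MAGIC + chunk(b"tEXt", b"Thumb::URI\0" + uri.encode()) + chunk(b"IEND", b"")

if __name__ == "__main__":
    home = Path.home()  # same locations and mount point as the script in the report
    for t, o in leaked_thumbnails([home / ".cache/thumbnails", home / ".thumbnails"], home / "Vaults"):
        print(f"{t}: {o}")
```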