Bug 430270

Summary: directory-tree/file data stored for encrypted volumes
Product: [Applications] dolphin Reporter: PattiMichelle <miche1>
Component: generalAssignee: Dolphin Bug Assignee <dolphin-bugs-null>
Status: CONFIRMED ---    
Severity: grave CC: dolphin-bugs-null, miche1, nate
Priority: NOR    
Version First Reported In: unspecified   
Target Milestone: ---   
Platform: unspecified   
OS: Linux   
Latest Commit: Version Fixed/Implemented In:
Sentry Crash Report:

Description PattiMichelle 2020-12-11 17:41:18 UTC 
SUMMARY
Dolphin (KDE/OpenSuSE 15.1) seems to store directory paths (and maybe file names) under the user's ~/.local directory.  This is a security leak.  For instance, using KDE/Dolphin to navigate the directory tree in a VeraCrypt volume records the directory structure and filenames.

STEPS TO REPRODUCE
1. Open VeraCrypt volume
2. Navigate directory tree and open some file in VC volume
3. Close/unmount Veracrypt volume 
4. Use kfind to search for the VC file that was opened under Dolphin
4. Kfind will show a record of the location of that file under the VC volume (in opensuse this is under ~/.local/share/)
5. = Major security breakage + permanent record

OBSERVED RESULT
Breaks security

EXPECTED RESULT
No security leaks - quick/temp solution: suggest a "wipe history" function for Dolphin which does "rm" function (not "move-to-trash") for these records.  This could be a user-interface function similar to clipboard's "clear clipboard history" function.

SOFTWARE/OS VERSIONS
Windows: 
macOS: 
Linux/KDE Plasma: 
~> plasmashell --version
plasmashell 5.12.8

(available in About System)
KDE Plasma Version: 
KDE Frameworks Version: 
Qt Version: 

ADDITIONAL INFORMATION
Comment 1 Christoph Feck 2020-12-11 17:48:35 UTC 
It is also storing thumbnails of external volumes to the home folder. The thumbnails could reveal secure information (e.g. for text files).

We need a way to find out if a local path is actually a path to an encrypted volume or folder.
Comment 2 PattiMichelle 2020-12-29 17:00:40 UTC 
Are there calls which determine if luks or vera/true-crypt are in use?  Maybe just don't store any removable drive's information?  Drives in fstab could get a flag?  Maybe for starters the idea about a "clear history" function with classes of affected drives (removable, fstab, etc....)

Sorry I don't know more about deep (or even shallow) linux...