okular save information aboud _ever opened_ files in a folder (~/.kde/share/apps/okular/docdata/) where files are described as <some number>.<filename>.pdf.xml For security reasons I suggest using a hash of a file name instead. This leads to better privacy (not ultimate, of course) if someone wanted to check what the user has read. Thoughts: 1/ include absolute path in the name hash, so a/my.pdf and b/my.pdf are treated differently - its a question if such a behavior is a bug, or a feature. 2/ include size in bytes in name-hash, so different files named the same are handeled. 2.1/ what about comments to file, filled in form fields - do they change file size? (pdf) Thanks for consideration. Cheers, mark Reproducible: Always
(In reply to comment #0) > 2/ include size in bytes in name-hash, so different files named the same are > handeled. "some number" is the size in bytes > 2.1/ what about comments to file, filled in form fields - do they change > file size? (pdf) If you save them through "save as" they do; if you just let okular autosave on close into the docdata folder they don't, because the original file is left untouched my two cents.. :)
Just wanted to post the exact same issue: In ~/.local/share/okular/docdata/ you find a lot of docdata (for restoring current page, zoom etc.) that all contain the filenames from files you have opened. Moving to checksums would have the advantage of preventing the filenames from constantly being "leaked" and more importantly would allow a document view (current position etc.) to be restored even when that file was moved to a different location.
I just noticed this leaky behavior of okular and was about to file a security bug, but I see someone else already did.... Please, at the very least, okular should "chmod 700 ~/.local/share/okular/docdata." Right now, any user on the system can see file paths in "docdata" by default.