SUMMARY
Dolphin (KDE/OpenSuSE 15.1) seems to store directory paths (and maybe file names) under the user's ~/.local directory. This is a security leak. For instance, using KDE/Dolphin to navigate the directory tree in a VeraCrypt volume records the directory structure and filenames.

STEPS TO REPRODUCE
1. Open VeraCrypt volume
2. Navigate directory tree and open some file in VC volume
3. Close/unmount VeraCrypt volume
4. Use kfind to search for the VC file that was opened under Dolphin
4. Kfind will show a record of the location of that file under the VC volume (in opensuse this is under ~/.local/share/)
5. = Major security breakage + permanent record

OBSERVED RESULT
Breaks security

EXPECTED RESULT
No security leaks - quick/temp solution: suggest a "wipe history" function for Dolphin which does "rm" function (not "move-to-trash") for these records. This could be a user-interface function similar to clipboard's "clear clipboard history" function.

SOFTWARE/OS VERSIONS
Windows:
macOS:
Linux/KDE Plasma:
~> plasmashell --version
plasmashell 5.12.8
(available in About System)
KDE Plasma Version:
KDE Frameworks Version:
Qt Version:

ADDITIONAL INFORMATION

It is also storing thumbnails of external volumes to the home folder. The thumbnails could reveal secure information (e.g. for text files). We need a way to find out if a local path is actually a path to an encrypted volume or folder.
Are there calls which determine if LUKS or vera/true-crypt are in use? Maybe just don't store any removable drive's information? Drives in fstab could get a flag? Maybe for starters the idea about a "clear history" function with classes of affected drives (removable, fstab, etc.). Sorry I don't know more about deep (or even shallow) Linux...
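
One way to answer the question raised in the two comments above (is a local path on an encrypted volume?), as an added example that is not Dolphin or KDE code: it maps the path to its mount in /proc/self/mountinfo, then checks the filesystem type and the device-mapper UUID in sysfs. The function names, the sample mount table, the list of encrypting filesystem types and the `veracrypt` mapper-name check are assumptions made for this sketch.

```python
import os

# Assumed list: filesystem types that are themselves an encrypting layer.
ENCRYPTING_FSTYPES = {"ecryptfs", "fuse.encfs", "fuse.gocryptfs", "fuse.cryfs"}
# Constructed sample in /proc/self/mountinfo format (used when testing offline).
SAMPLE_MOUNTINFO = """\
22 1 8:2 / / rw,relatime shared:1 - ext4 /dev/sda2 rw
95 22 254:3 / /constructed/vault rw,relatime shared:50 - ext4 /dev/mapper/luks-sample rw
96 22 0:51 / /constructed/My\\040Safe rw,nosuid,nodev - fuse.gocryptfs /constructed/.cipher rw
97 22 254:4 / /constructed/vc rw,relatime - vfat /dev/mapper/veracrypt1 rw
"""

def _unescape(field):
    # mountinfo writes space, tab, newline and backslash as octal escapes
    for code, ch in (("\\040", " "), ("\\011", "\t"), ("\\012", "\n"), ("\\134", "\\")):
        field = field.replace(code, ch)
    return field

def parse_mountinfo(text):
    """Return (mount_point, 'major:minor', fstype, source) for each mount."""
    mounts = []
    for line in text.splitlines():
        left, sep, right = line.partition(" - ")
        lf, rf = left.split(), right.split()
        if sep and len(lf) >= 5 and len(rf) >= 2:
            mounts.append((_unescape(lf[4]), lf[2], rf[0], _unescape(rf[1])))
    return mounts

def read_dm_uuid(devno):
    """Device-mapper UUID from sysfs, or '' if devno is not a dm device."""
    try:
        with open(f"/sys/dev/block/{devno}/dm/uuid") as f:
            return f.read().strip()
    except OSError:
        return ""

def is_on_encrypted_volume(path, mountinfo_text=None, dm_uuid=read_dm_uuid):
    if mountinfo_text is None:
        with open("/proc/self/mountinfo") as f:
            mountinfo_text = f.read()
    path, best = os.path.realpath(path), None
    for mnt in parse_mountinfo(mountinfo_text):
        mp = mnt[0]
        if path == mp or path.startswith(mp.rstrip("/") + "/"):
            if best is None or len(mp) >= len(best[0]):  # longest prefix, latest wins
                best = mnt
    if best is None:
        return False
    _, devno, fstype, source = best
    # cryptsetup gives dm-crypt mappings a UUID starting with "CRYPT-". Stacked
    # setups (e.g. LVM on LUKS) are not walked. The mapper-name test is an
    # assumption about VeraCrypt's default /dev/mapper/veracryptN naming.
    return (fstype in ENCRYPTING_FSTYPES or dm_uuid(devno).startswith("CRYPT-")
            or os.path.basename(source).startswith("veracrypt"))
```

A file manager could use such a check to skip history and thumbnail writes for matching paths; on a live system call `is_on_encrypted_volume(path)` with no other arguments.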