On Tue, 2 May 2023 at 17:54, Ihor Radchenko <yanta...@posteo.net> wrote:
> I think `recentf-save-file' for example is no different. And > org-id-locations-file. And custom-file, if you happen to save safe > buffer-local variables by answering "!" in Emacs prompt. And many many > other places. Those two are easy to avoid, if one wishes. But granted, there are plenty of places, some keeping file names, some worse. Still, this is arguably something to avoid. > I do not think that file name, even from encrypted volume, is something > we need to worry about. Granted too. What I'm worried about is being able to disable the feature. Besides, why store it in the index if the persist file does not exist? > I even suspect that, for example, browser cache often contains all kinds > of secrets, like files associated with web pages were you logged in. And > they can be read by anyone familiar with the layout! (like > https://www.nirsoft.net/utils/chrome_cache_view.html) I really hope that's not Org's benchmark. ;-) > That said, do not worry about this issue being forgotten. But it is not > easy to design cleanly. I am thinking about it. > Of course, if you have good ideas or patches, they are welcome. Thank you! Best, Gustavo.
