Karsten Bräckelmann wrote: > The FS of the source is irrelevant. > > And it *is* only you or root who can access these thumbnails. Otherwise, > your $HOME's permissions are either borked or set explicitly and > knowingly.
you seem to be confusing user ( = person sitting in front of the PC) and account ( = abstract concept that most mainstream PC users don't care about). It is any *person* who has access to the account that can access the thumbnails in $HOME. It is only the *person* who has access to the media with the originals that can access them and only this other *person* should have access to the thumbs. Since those two may be two different *persons*, that's a potential leak. >> The right design is to keep the thumbs on the same media where the >> originals are (and if applicable with same permissions as far as >> user/root access is concerned). > > No. Random application (let's assume a default Win XP) does not know > about the location of these thumbnails. It will not care about them. It > will not remove them along with the originals. Tada -- you got your > privacy concerned images saved as thumbnails for the unforeseeable > future on the media, readable by *everyone* who gets access to that > media after the user believed the images to have been removed. No. Random application does not need to know anything as long as Random application does not leak information to any other media where another *person* may access it. The thumb should be linked to the original, not to $HOME. The original is on the media, hence that's the place for the thumb. If somebody can read the media, they shall have access to both the original and the thumb. If somebody can't read the originals, they should not have access to the thumbs. Since the access to the originals passes via the media, the thumbs should be stored there. > Now *this* is a privacy nightmare. My $HOME is not. the nightmare is an admin-centric idea of a desktop, as opposed to a user-centric. user != account user = human <http://panospace.wordpress.com/2008/04/15/the-human-reflex/> Yuv _______________________________________________ Usability mailing list Usability@gnome.org http://mail.gnome.org/mailman/listinfo/usability
