On 2021-02-09 22:12:31 +0100, Ansgar wrote: > "Steinar H. Gunderson" writes: > > On Sat, Feb 06, 2021 at 10:16:29PM -0800, Josh Triplett wrote: > >> Furthermore, any mechanism they use to configure one of them > >> (e.g. for privacy or performance reasons) will not control the other, > >> and again they may well be unaware of the existence of the other one. > > > > I'm not sure what privacy reasons you're referring to? I'm not aware that > > neither mlocate/plocate nor e.g. tracker will leak data across users. > > If you have an encrypted /home (or /home/<login>), but unencrypted > /var/lib/plocate, you leak information about the encrypted files.
This would be the user's fault. I can also see /home/<login> "leaks" in log files. And mail "leaks" under /var/mail. So, in short, /var should be encrypted. -- Vincent Lefèvre <vinc...@vinc17.net> - Web: <https://www.vinc17.net/> 100% accessible validated (X)HTML - Blog: <https://www.vinc17.net/blog/> Work: CR INRIA - computer arithmetic / AriC project (LIP, ENS-Lyon)
