[Digikam-devel] [Bug 145252] Umask settings used for album directory, not for image files

Achim Bohnet ach at mpe.mpg.de
Fri Oct 19 12:56:17 BST 2007


------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.
         
http://bugs.kde.org/show_bug.cgi?id=145252         




------- Additional Comments From ach mpe mpg de  2007-10-19 13:56 -------
About caches (thumbnail, fulltext indices, htmlpages ...):

The reason they should be readable only by the owner is that
one should only have access to the cached info, if you have
access to the original data.

If e.g. another person has access to an image depends on 
each componemt of the full path to the image.  Nothing one can
map into a single protection mask of a file.   Keeping caches
and access permissions of external images in sync is impossible.
Ditto for date base entries. (fwiw digikam3.db violates this
by default)

One way to circumvent this problem is used in (s)locate:  It
collects everything as root, but readable only by _one_ specially
empowered executable.  And this program makes sure that only meta
data are delivered if the user has access to the original data.


If one lowers the access to meta information, it should never be
done by default.  If user does it, should be informed about the
consequences.

Achim



More information about the Digikam-devel mailing list