[Okular-devel] [kde] [Bug 267350] filling out a PDF form saves data to some file i ~/.kde/share/apps/okular/docdata/
John McCabe-Dansted
gmatht at gmail.com
Wed Jan 11 00:58:28 UTC 2012
On Wed, Jan 11, 2012 at 7:44 AM, Dan Armbrust
<daniel.armbrust.list at gmail.com> wrote:
> So, you have proven that you don't take a security issue seriously.
To be fair, fixing this bug wouldn't stop sensitive information
appearing in swap. Sensitive information also has a tendency to appear
in /tmp and /var as well. The EFF recommends full disk encryption,
which would stop this appearing in clear text anywhere.
> The easy fix is to disable this feature until it can be redeveloped
> with some thought about proper handling of peoples data.
Iirc, last time I used this feature it wouldn't let me print the
annotations, and due to the policy of storing the annotations in a
non-standard format other pdf annotation software couldn't recover my
annotations. I ended up printing a screenshot. Having a warning that
this annotation feature was likely to eat my homework and dump it in
an unencrypted partition would've been nice.
--
John C. McCabe-Dansted
More information about the Okular-devel
mailing list