[kde] [Bug 464806] New: Kate (editor) leaks directory/file info in (~/.config/katemetainfos) from veracrypt (tested in LEAP 15.4)

[PattiMichelle]

https://bugs.kde.org/show_bug.cgi?id=464806

            Bug ID: 464806
           Summary: Kate (editor) leaks directory/file info in
                    (~/.config/katemetainfos) from veracrypt (tested in
                    LEAP 15.4)
    Classification: I don't know
           Product: kde
           Version: unspecified
          Platform: openSUSE
                OS: Linux
            Status: REPORTED
          Severity: major
          Priority: NOR
         Component: general
          Assignee: unassigned-bugs at kde.org
          Reporter: miche1 at earthlink.net
  Target Milestone: ---

SUMMARY
***
Kate (editor) leaks directory/file info in (~/.config/katemetainfos) from
encrypted volume after dismount (veracrypt)
***


STEPS TO REPRODUCE
1. mount a veracrypt volume
2. use Kate to create and edit a text file on the veracrypt volume
3. save/close kate, dismount veracrypt volume
4. use kfind to search "for text within files" on ~ for the name of the text
file created by Kate
5. will find a hit in ~/.config/katemetainfos

OBSERVED RESULT
A hit in ~/.config/katemetainfos leaks that a verycrypt volume was mounted and
edited, and also leaks part of the directory structure and where the veracrypt
volume was mounted in /  -  Unknown how many other leaks may exist in Kate.
Example hit:
[file:///media/veracrypt7/Dummydir/Dummyfile.txt]


EXPECTED RESULT
No record that an encrypted volume was mounted or used.  
A secure encryption will leak no information.  (D. Boneh [2015])


SOFTWARE/OS VERSIONS
Windows: 
macOS: 
Linux/KDE Plasma: LEAP 15.4
(available in About System)
KDE Plasma Version: 5.24
KDE Frameworks Version: 
Qt Version: 

ADDITIONAL INFORMATION

-- 
You are receiving this mail because:
You are the assignee for the bug.