GNU bug report logs - #65973
[PATCH] ; send filename, not full path, on EWW form submit


Package: emacs

Reported by: daniel watson <ozzloy <at> challenge-bot.com>

Date: Thu, 14 Sep 2023 07:48:01 UTC

Severity: normal

Tags: patch

Done: Jim Porter <jporterbugs <at> gmail.com>

Bug is archived. No further changes may be made.



Message #35 received at 65973 <at> debbugs.gnu.org (full text, mbox):

From: Eli Zaretskii <eliz <at> gnu.org>
To: Stefan Kangas <stefankangas <at> gmail.com>
Cc: jporterbugs <at> gmail.com, ozzloy <at> challenge-bot.com, 65973 <at> debbugs.gnu.org,
 ozzloy <at> gmail.com, sebastian <at> sebasmonia.com
Subject: Re: bug#65973: [PATCH] ;
 send filename, not full path, on EWW form submit
Date: Thu, 07 Nov 2024 08:20:41 +0200

> From: Stefan Kangas <stefankangas <at> gmail.com>
> Date: Wed, 6 Nov 2024 23:30:54 +0000
> Cc: ozzloy <at> challenge-bot.com, 65973 <at> debbugs.gnu.org, ozzloy <at> gmail.com
> 
> Jim Porter <jporterbugs <at> gmail.com> writes:
> 
> > On 11/5/2024 9:08 AM, Eli Zaretskii wrote:
> >
> >> I'd like some rationale for this change.  The original report never
> >> explains why sending the full absolute file name to the server is bad.
> >
> > I see three possible reasons: 1) there could be (probably minor) privacy
> > issues with sending the directory structure along to a server;
> 
> From a privacy perspective, I don't think we can really consider
> this as a minor issue.
> 
> Users commonly use their full names, or another similarly unique
> identifier, as their login name.  It goes without saying that sending a
> string such as "/home/myfullname/some/file" to a remote host completely
> defeats all notions of preserving user privacy.

The private information can be in the file name you send as well, so
this is not a convincing argument.

But since the RFC says to ignore the leading directories, I think the
change is okay, provided we describe the rationale in the comments to
the code.  It is a very unusual thing in Emacs to remove leading
directories from a file name, so doing so generally begs for some
commentary.




This bug report was last modified 193 days ago.
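
The behaviour discussed in this thread, as an added Emacs Lisp illustration that is neither the patch from this bug report nor EWW's own code: it builds one multipart/form-data part whose filename parameter carries only the last component of the local file name, with the rationale recorded in the docstring. The `example-` function names, the boundary and the field name are assumptions made for the example, and the percent-encoding of quotes and line breaks goes beyond what the thread covers.

```elisp
;;; Added illustration.  The `example-' functions are hypothetical
;;; and are not part of EWW or of the patch in this bug report.

(defun example-upload-filename (file)
  "Return the name to send for FILE in a form upload.
Emacs normally keeps file names absolute.  Here the leading
directories are dropped on purpose: they describe the local
machine (home directory, login name, project layout), and the
receiving side is expected to ignore them anyway."
  (let ((name (file-name-nondirectory (expand-file-name file))))
    ;; Encode characters that would end the quoted parameter
    ;; or the header line itself.
    (replace-regexp-in-string
     "[\"\r\n]"
     (lambda (c) (format "%%%02X" (string-to-char c)))
     name t t)))

(defun example-multipart-file-part (boundary field file contents)
  "Return one multipart/form-data part for FILE.
BOUNDARY and FIELD are strings; CONTENTS is the file body as a
string, passed in so that the example does not touch the disk."
  (concat "--" boundary "\r\n"
          (format "Content-Disposition: form-data; name=\"%s\"; filename=\"%s\"\r\n"
                  field (example-upload-filename file))
          "Content-Type: application/octet-stream\r\n"
          "\r\n"
          contents "\r\n"))

;; Constructed sample input: the path is the one quoted in the thread,
;; the boundary, field name and contents are made up.
(example-multipart-file-part "BOUNDARY" "attachment"
                             "/home/myfullname/some/file" "hello")
```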
