Re: Proposal: plocate as standard for bookworm

[Ansgar <ansgar@43-1.org>]

"Steinar H. Gunderson" writes:
> On Sat, Feb 06, 2021 at 10:16:29PM -0800, Josh Triplett wrote:
>> Furthermore, any mechanism they use to configure one of them
>> (e.g. for privacy or performance reasons) will not control the other,
>> and again they may well be unaware of the existence of the other one.
>
> I'm not sure what privacy reasons you're referring to? I'm not aware that
> neither mlocate/plocate nor e.g. tracker will leak data across users.

If you have an encrypted /home (or /home/<login>), but unencrypted
/var/lib/plocate, you leak information about the encrypted files.

File indexing services run as a user would at least write only to
/home/<login> which would be encrypted.

Admittedly Debian's other defaults like making every file in $HOME
world-readable by default are very unfriendly too on both multi-user
systems (obviously) and single-user systems where suddenly even the
"nobody" user has access to lots of interesting files...

Ansgar