Re: Privacy guarantees

To: debian-vote@lists.debian.org
Subject: Re: Privacy guarantees
From: Bastian Blank <waldi@debian.org>
Date: Sun, 12 Sep 2021 10:34:06 +0200
Message-id: <[🔎] 20210912083406.GA13786@shell.thinkmo.de>
Mail-followup-to: debian-vote@lists.debian.org
In-reply-to: <[🔎] CAKTje6EfnCbi=N=6qH=4AK51diCZUmo4xRfRBXBzjXg96_nQKQ@mail.gmail.com>
References: <[🔎] CAFHYt54kPT4f+tdp0iYQkLdrMEKR2Y44qGCNnbEEX7Hqnr_kew@mail.gmail.com> <[🔎] CAKTje6EfnCbi=N=6qH=4AK51diCZUmo4xRfRBXBzjXg96_nQKQ@mail.gmail.com>

On Sat, Sep 11, 2021 at 06:18:16AM +0000, Paul Wise wrote:
> On Fri, Sep 10, 2021 at 2:44 PM Felix Lechner wrote:
> > A fellow developer and I have reached an impasse over the appropriate
> > level of privacy guarantees in Debian. [1]
> I think that lintian privacy tags currently represent several sets of bugs:

> The browsers shipping in Debian place no barriers between local files
> on disk, sites on the local network and sites on the Internet. So if
> someone reads some local documentation they didn't get from Debian
> using a browser from Debian, they could have a privacy violation.

Could you please describe what the policy violation is you see?
Especially as you generalize.

And yes, the browsers place barriers between local files and network.
E.g. chromium enforces a referrer policy of
"strict-origin-when-cross-origin" on file://.

Bastian

-- 
If I can have honesty, it's easier to overlook mistakes.
		-- Kirk, "Space Seed", stardate 3141.9

Reply to:

References:
- Privacy guarantees
  - From: Felix Lechner <felix.lechner@lease-up.com>
- Re: Privacy guarantees
  - From: Paul Wise <pabs@debian.org>

Prev by Date: Re: Privacy guarantees
Next by Date: Re: Privacy guarantees
Previous by thread: Re: Privacy guarantees
Next by thread: Re: Privacy guarantees
Index(es):
- Date
- Thread