Hi!
After the recent RCE in libcue DSA-5524-1, CVE-2023-43641, [1], I've decided
to re-check that I have scanning of the ~/Downloads directory disabled for GNOME Search. The Settings app of GNOME says it's disabled but if I do
gsettings get org.freedesktop.Tracker3.Miner.Files index-single-directories
it lists '@DOWNLOADS' along with '$HOME' (scanning of which is enabled).
IOW, it looks exactly as a bug discussed back then in [2,3].
I have executed
gsettings set org.freedesktop.Tracker3.Miner.Files \
index-single-directories '['\''$HOME'\'']'
and
systemctl --user restart tracker-miner-fs-3.service
to have the scanning of ~/Downloads disabled for sure (I hope) but this got me thinking: is this situation warrants filing a bug against GNOME in Debian?
I should note that I have upgraded Debian on this particular device twice,
to the first Debian version with GNOME which has been installed was 10.
It's quite possible that the bug got triggered on an older version, and merely presisted through upgrades, and if so, it may only affect the users in the
same situation.
1.
https://lists.debian.org/debian-security-announce/2023/msg00217.html
2.
https://discussion.fedoraproject.org/t/is-tracker-scanning-downloads-again-despite-the-folder-being-ignored/24828/7
3.
https://bugzilla.redhat.com/show_bug.cgi?id=1900227
--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)