[opensuse] Cleaning the .thumbnails directory
Before C left us he asked the question about how to clean up the 'temp' directories which, in his case, consumed a large volume of his disk space. This problem was solved. But, what - if anything - cleans out, or should clean out, the /.thumbnails directory in /home? I had forgotten about this until just now and when I looked in this directory it was 23MB big - so, using mc, I deleted the contents (which is what I did in the past). But is there some automatic way of clearing this directory? (The contents of this directory are rather dangerous because every pic/graphic you look at on the web or which is on your system has a thumbnail created in /.thumbnails. And whoever has access to your /home directory can look at what you have been looking at - like all those stimulating and exiting naughty-type pictures - of dogs and cats and fish of course :-) .) BC -- Using openSUSE 13.1, KDE 4.13.2 & kernel 3.15.3-1 on a system with- AMD FX 8-core 3.6/4.2GHz processor 16GB PC14900/1866MHz Quad Channel RAM Gigabyte AMD3+ m/board; Gigabyte nVidia GTX660 GPU -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org
On 07/07/2014 10:57 AM, Basil Chupin wrote:
Before C left us he asked the question about how to clean up the 'temp' directories which, in his case, consumed a large volume of his disk space. This problem was solved.
But, what - if anything - cleans out, or should clean out, the /.thumbnails directory in /home?
I had forgotten about this until just now and when I looked in this directory it was 23MB big - so, using mc, I deleted the contents (which is what I did in the past).
But is there some automatic way of clearing this directory?
Why would you want to do that?
[...] And whoever has access to your /home directory
What's that again? I thought we were running Linux not Windows. -- /"\ \ / ASCII Ribbon Campaign X Against HTML Mail / \ -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org
On 07/07/2014 11:01 AM, Anton Aylward pecked at the keyboard and wrote:
On 07/07/2014 10:57 AM, Basil Chupin wrote:
Before C left us he asked the question about how to clean up the 'temp' directories which, in his case, consumed a large volume of his disk space. This problem was solved.
But, what - if anything - cleans out, or should clean out, the /.thumbnails directory in /home?
I had forgotten about this until just now and when I looked in this directory it was 23MB big - so, using mc, I deleted the contents (which is what I did in the past).
But is there some automatic way of clearing this directory?
Why would you want to do that?
[...] And whoever has access to your /home directory
What's that again? I thought we were running Linux not Windows.
Just look at the perms of your home dir, you'll find them to be "drwxr-xr-x" meaning everyone and their brother can access you home dir and most of it's contents. I objected to this setting believing it should be "drwx------" to keep everyone but root out completely and was told for all practical matters to "go fly a kite" as everyone should be able to "see" everyone else's home dir and files in it. And yes having read and execute access (via the world setting) you can go into someone's home folder without problem. And if any files have read access (again via the world settings) you can look at and copy anyone's files to your home folder. All you have to do is look at all of your files and folders and see which have "-rwx-r-xr-x" for files and "drwxr-xr-x" for folders. For single user system not much of a problem BUT once you allow multiple people to login to the same machine be careful, very careful. -- Ken Schneider SuSe since Version 5.2, June 1998 -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org
On 07/07/2014 11:32 AM, Ken Schneider - openSUSE wrote:
On 07/07/2014 11:01 AM, Anton Aylward pecked at the keyboard and wrote:
On 07/07/2014 10:57 AM, Basil Chupin wrote:
Before C left us he asked the question about how to clean up the 'temp' directories which, in his case, consumed a large volume of his disk space. This problem was solved.
But, what - if anything - cleans out, or should clean out, the /.thumbnails directory in /home?
I had forgotten about this until just now and when I looked in this directory it was 23MB big - so, using mc, I deleted the contents (which is what I did in the past).
But is there some automatic way of clearing this directory?
Why would you want to do that?
[...] And whoever has access to your /home directory
What's that again? I thought we were running Linux not Windows.
Just look at the perms of your home dir, you'll find them to be "drwxr-xr-x" meaning everyone and their brother can access you home dir and most of it's contents. I objected to this setting believing it should be "drwx------" to keep everyone but root out completely and was told for all practical matters to "go fly a kite" as everyone should be able to "see" everyone else's home dir and files in it.
Flaming ${DEITY} on a crutch! Who told you that? What department of the NSA was he from? Let me guess: there was, hypocritically, a 'clean desk' policy and a policy that required a password screen saver for whenever you left your desk to go to the wash-room.
And yes having read and execute access (via the world setting) you can go into someone's home folder without problem. And if any files have read access (again via the world settings) you can look at and copy anyone's files to your home folder. All you have to do is look at all of your files and folders and see which have "-rwx-r-xr-x" for files and "drwxr-xr-x" for folders. For single user system not much of a problem BUT once you allow multiple people to login to the same machine be careful, very careful.
Years ago I recall a meeting where the sysadmin mentioned that he had stored backup copies of the generated a distributed private keys in a file in his own home directory. There was a hush at the table and all eyes turned towards him. I reminded me of a scene in 'A Few Just Men'. https://www.youtube.com/watch?v=hopNAI8Pefg at 1:39 https://www.youtube.com/watch?v=t7EksvnO9hI at 5:37 Yes the file was world readable; no the sysadmin was no dismissed. The keys were regenerated and reissued, at some expense. -- /"\ \ / ASCII Ribbon Campaign X Against HTML Mail / \ -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org
Anton Aylward wrote:
On 07/07/2014 11:32 AM, Ken Schneider - openSUSE wrote:
folders. For single user system not much of a problem BUT once you allow multiple people to login to the same machine be careful, very careful.
That used to be ALL Unix users.... and drwxr-xr-x was just fine, and continues to be. All you have to do is explain the concept of permissions to users, and show them how to modify their permissions as needed.
Years ago I recall a meeting where the sysadmin mentioned that he had stored backup copies of the generated a distributed private keys in a file in his own home directory. There was a hush at the table and all eyes turned towards him. I reminded me of a scene in 'A Few Just Men'. https://www.youtube.com/watch?v=hopNAI8Pefg at 1:39 https://www.youtube.com/watch?v=t7EksvnO9hI at 5:37
Yes the file was world readable; no the sysadmin was no dismissed.
An admin who doesn't know to use (and how to use) chmod???? Wow.... just wow.... -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org
On 07/07/2014 04:03 PM, Dirk Gently wrote:
An admin who doesn't know to use (and how to use) chmod????
And admin who didn't understand the implications ... And THOSE are much more common! -- /"\ \ / ASCII Ribbon Campaign X Against HTML Mail / \ -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org
Anton Aylward wrote:
On 07/07/2014 04:03 PM, Dirk Gently wrote:
An admin who doesn't know to use (and how to use) chmod????
And admin who didn't understand the implications ... And THOSE are much more common!
...has no business being an admin.. -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org
On 07/08/2014 11:33 PM, Dirk Gently wrote:
Anton Aylward wrote:
On 07/07/2014 04:03 PM, Dirk Gently wrote:
An admin who doesn't know to use (and how to use) chmod????
And admin who didn't understand the implications ... And THOSE are much more common!
...has no business being an admin..
The reaction to the 'skills shortage' seems to be to hire people who don't have the skills. Perhaps that why there are people like me (and a few others here) who are crying out about this. Perhaps that's why things like COBIT and ISO27K are growing in popularity - fall back to other people expertise and 'check lists' in absense of any real skill. Cyril Kornbluth's short story "The Little Black Bag" comes to mind. http://www.gutenberg.ca/ebooks/kornbluth-littleblack/kornbluth-littleblack-0... -- /"\ \ / ASCII Ribbon Campaign X Against HTML Mail / \ -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org
Ken Schneider - openSUSE wrote:
On 07/07/2014 11:01 AM, Anton Aylward pecked at the keyboard and wrote:
On 07/07/2014 10:57 AM, Basil Chupin wrote:
Before C left us he asked the question about how to clean up the 'temp' directories which, in his case, consumed a large volume of his disk space. This problem was solved.
But, what - if anything - cleans out, or should clean out, the /.thumbnails directory in /home?
I had forgotten about this until just now and when I looked in this directory it was 23MB big - so, using mc, I deleted the contents (which is what I did in the past).
But is there some automatic way of clearing this directory?
Why would you want to do that?
[...] And whoever has access to your /home directory
What's that again? I thought we were running Linux not Windows.
Just look at the perms of your home dir, you'll find them to be "drwxr-xr-x" meaning everyone and their brother can access you home dir and most of it's contents. I objected to this setting believing it should be "drwx------" to keep everyone but root out completely and was told for all practical matters to "go fly a kite" as everyone should be able to "see" everyone else's home dir and files in it. And yes having read and execute access (via the world setting) you can go into someone's home folder without problem. And if any files have read access (again via the world settings) you can look at and copy anyone's files to your home folder. All you have to do is look at all of your files and folders and see which have "-rwx-r-xr-x" for files and "drwxr-xr-x" for folders. For single user system not much of a problem BUT once you allow multiple people to login to the same machine be careful, very careful.
A lot of organizations using Linux or Unix would come to a screeching halt if the default permissions for home directories were drwx------. If you want to keep something private, you put it in a subdirectory, and chmod that directory to 700. -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org
On 07/07/2014 04:00 PM, Dirk Gently wrote:
A lot of organizations using Linux or Unix would come to a screeching halt if the default permissions for home directories were drwx------.
Please explain why. Please explain what business decisions lead to and justify that and why they exclude other approaches. I ask this because I have run both development and operational sites where the user's individual home directories were so protected. If your justification is the need to share, then there are other, cleaner, better managed ways to do it, such as setting up project directories or using web based interfaces. The usual objection to those lie with access control, but that is just indicative of people who either don't understand set theory/group theory or don't have 'idiot stick' admin tools that let them set up and manage groups. (This is where LDAP based administration can come in very useful.) Of course many system implement some kind of RBAC (even if only in overlay). It is a matter of how seriously your organization takes security. There is increasing pressure in this area. While one can do wonderful things with the 1970s era UNIX groups and the basic 'ugo'/'rwx' it is still limited for the modern world with thousands of users and hundreds of 'domains'. At least RBAC drags Linux 'kicking and screaming' into the 1990s (which is when RBAC was first developed). Go google and find things like https://access.redhat.com/documentation/en-US/Red_Hat_Enterprise_Linux/6/htm... http://cs.wellesley.edu/~cs342/fall10/papers/asolomon-thesis.pdf As I say, it boils down to how seriously your organization takes security. -- /"\ \ / ASCII Ribbon Campaign X Against HTML Mail / \ -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org
Le 08/07/2014 15:09, Anton Aylward a écrit :
On 07/07/2014 04:00 PM, Dirk Gently wrote:
A lot of organizations using Linux or Unix would come to a screeching halt if the default permissions for home directories were drwx------.
there is a yast/users and security/security center that should give all what you want jdd -- http://www.dodin.org -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org
On 07/08/2014 09:21 AM, jdd wrote:
Le 08/07/2014 15:09, Anton Aylward a écrit :
On 07/07/2014 04:00 PM, Dirk Gently wrote:
A lot of organizations using Linux or Unix would come to a screeching halt if the default permissions for home directories were drwx------.
there is a yast/users and security/security center that should give all
NOT! You forget, baseline UNIX/Linux only implements DAC - DISCRETIONARY access control, not MAC - MANDATORY access control. That is why enterprise grade implementations from the 'Big Vendors' such as SUN, IBM and HP, layered more comprehensive access control management systems -- usually resembling RBAC in some way - on top of their implementations of UNIX. The 'ugo'/'rwx' model of UNIX form the 1970s was a KISS view of things. One glaring omission in the permissions vector, for example, is who has the ability to modify the file status. There is the implicit assumption that if you own the file you can do anything with it. Including 'give it away'. The example ~ being rwx------ for example, makes little sense since since the user owns that and can modify that permissions. There is no way to implement a MANDATORY restriction. Taking away the user's ownership stops them modify the permissions but it also stops them creating new files and directories in their home directory. Well, perhaps they shouldn't be doing that :-) One way around this is to have a group for each user and the user being the only member of that group: $ grep anton /etc/group .... anton:x:1001:anton .... and having $ ls -ld ~anton drwxdrwx---- 1 root anton 3454 Jul 8 09:20 /home/anton It not perfect for any situation, but it offers some alternatives. -- /"\ \ / ASCII Ribbon Campaign X Against HTML Mail / \ -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org
On 07/08/2014 09:09 AM, Anton Aylward wrote:
A lot of organizations using Linux or Unix would come to a screeching halt if the default permissions for home directories were drwx------.
Please explain why. Please explain what business decisions lead to and justify that and why
On 07/07/2014 04:00 PM, Dirk Gently wrote: they exclude other approaches.
I ask this because I have run both development and operational sites where the user's individual home directories were so protected.
If your justification is the need to share, then there are other, cleaner, better managed ways to do it, such as setting up project directories or using web based interfaces.
I agree. I have used other distros where the home directory group is the owner, not users. I also fail to understand why a home directory has to be readable by everyone, unless the owner wants to make it so. I don't have a problem of shared directories available to specific groups, including users. While it has been a while, I have set up systems at work where a users directory is available only to them and root, with appropriately shared group directories for specific groups. However, on my own systems, where I'm the only user, it doesn't make much difference. Regardless I would prefer a bit more privacy for home directories. As it is, a user has to know how to restrict permissions, otherwise any directory they create will be 755, allowing anyone to read the contents. -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org
On 07/08/2014 09:09 AM, Anton Aylward pecked at the keyboard and wrote:
On 07/07/2014 04:00 PM, Dirk Gently wrote:
A lot of organizations using Linux or Unix would come to a screeching halt if the default permissions for home directories were drwx------.
Please explain why. Please explain what business decisions lead to and justify that and why they exclude other approaches.
I ask this because I have run both development and operational sites where the user's individual home directories were so protected.
If your justification is the need to share, then there are other, cleaner, better managed ways to do it, such as setting up project directories or using web based interfaces.
The usual objection to those lie with access control, but that is just indicative of people who either don't understand set theory/group theory or don't have 'idiot stick' admin tools that let them set up and manage groups. (This is where LDAP based administration can come in very useful.)
Of course many system implement some kind of RBAC (even if only in overlay).
It is a matter of how seriously your organization takes security. There is increasing pressure in this area.
While one can do wonderful things with the 1970s era UNIX groups and the basic 'ugo'/'rwx' it is still limited for the modern world with thousands of users and hundreds of 'domains'. At least RBAC drags Linux 'kicking and screaming' into the 1990s (which is when RBAC was first developed).
Go google and find things like
https://access.redhat.com/documentation/en-US/Red_Hat_Enterprise_Linux/6/htm...
http://cs.wellesley.edu/~cs342/fall10/papers/asolomon-thesis.pdf
As I say, it boils down to how seriously your organization takes security.
The company I worked for was in the medical field and took security very serious due to HIPPA regulations. As such all user accounts had their home folders set to "drwx------" to keep prying eyes away from documents containing medical/billing history from accounts they were not working on (medical billing). People were usually assigned to specific accounts (Doctor office) and not allowed to work on different accounts. -- Ken Schneider SuSe since Version 5.2, June 1998 -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org
Anton Aylward wrote:
On 07/07/2014 04:00 PM, Dirk Gently wrote:
A lot of organizations using Linux or Unix would come to a screeching halt if the default permissions for home directories were drwx------.
Please explain why. Please explain what business decisions lead to and justify that and why they exclude other approaches.
I ask this because I have run both development and operational sites where the user's individual home directories were so protected.
Well, then, you've never worked at the organizations I've been in.
If your justification is the need to share, then there are other, cleaner, better managed ways to do it, such as setting up project directories or using web based interfaces.
Or a user can put all of his personal stuff in a personal directory that he keeps locked down. MUCH simpler.
The usual objection to those lie with access control, but that is just indicative of people who either don't understand set theory/group theory or don't have 'idiot stick' admin tools that let them set up and manage groups. (This is where LDAP based administration can come in very useful.)
I'm very familiar with it. When I was in college, we were told explicitly to NOT allow our programming projects to be publicly readable (to prevent people from copying each other's homework, etc.). If 18-year old freshmen can handle it, then surely adults in the workplace can figure it out.
Of course many system implement some kind of RBAC (even if only in overlay).
It is a matter of how seriously your organization takes security. There is increasing pressure in this area.
There's security, and then there's setting up pointless walls which the employees will just bypass, destroying all of your grand security ideas.
While one can do wonderful things with the 1970s era UNIX groups and the basic 'ugo'/'rwx' it is still limited for the modern world with thousands of users and hundreds of 'domains'. At least RBAC drags Linux 'kicking and screaming' into the 1990s (which is when RBAC was first developed).
When you cross a domain, you're going outside of not only the tightly knit group, you're typically going across organizational lines, too (like Engineering and Accounting).
Go google and find things like
https://access.redhat.com/documentation/en-US/Red_Hat_Enterprise_Linux/6/htm...
http://cs.wellesley.edu/~cs342/fall10/papers/asolomon-thesis.pdf
As I say, it boils down to how seriously your organization takes security.
Not every organization is the Department of Defense. -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org
On 07/08/2014 11:31 PM, Dirk Gently wrote:
Or a user can put all of his personal stuff in a personal directory that he keeps locked down.
MUCH simpler.
Given the default for user created directories is to allow group and other read & execute, the user has to know how to set permissions to keep others out. A group directory is much better for sharing. -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org
On 07/08/2014 11:31 PM, Dirk Gently wrote:
Anton Aylward wrote:
On 07/07/2014 04:00 PM, Dirk Gently wrote:
A lot of organizations using Linux or Unix would come to a screeching halt if the default permissions for home directories were drwx------.
Please explain why. Please explain what business decisions lead to and justify that and why they exclude other approaches.
I ask this because I have run both development and operational sites where the user's individual home directories were so protected.
Well, then, you've never worked at the organizations I've been in.
:-) No, just many banks and other places that need 'Chinese wall' security for legal and business reasons.
If your justification is the need to share, then there are other, cleaner, better managed ways to do it, such as setting up project directories or using web based interfaces.
Or a user can put all of his personal stuff in a personal directory that he keeps locked down.
MUCH simpler.
No, not simpler because it makes many assumptions about users being savvy enough and disciplined enough to do all that. I have enough battles dealing with developers who demand production data for testing, try to release inadequately tested apps to production and more. Given that these people who *KNOW* UNIX can't be relied on to follow basic security practices, how can wee expect the Joe Sixpack users to? It is clear that you don't understand the difference between 'discretionary", that is end-user managed, access control, and policy-driven and enforced 'mandatory' access control. Users should need to know this kind of thing, shouldn't have to deal with it. Setting things up so that it is so is the responsibility of the admin. Defining the need to have this basic mandatory security, so as to comply with a host of both regulations and good practices, is management's responsibility. Letting admins make decisions about this according to their personal judgement means that management is failing in its (possibly fudicial) duty. Early in my career I did work at the kind of comapnines you describe and hated it ebcuase the lack of policy and enforcement mean that I was forever 'fighting fires', cleaning up messes that arose from the lack of policy and enforcement and getting in 'Sez You' arguments over good practice. That may be fine in 'the frontier' or as Steve McConnel puts it, during Gold Rush days[1]
If 18-year old freshmen can handle it, then surely adults in the workplace can figure it out.
Experience tells me otherwise.
Of course many system implement some kind of RBAC (even if only in overlay).
It is a matter of how seriously your organization takes security. There is increasing pressure in this area.
There's security, and then there's setting up pointless walls which the employees will just bypass, destroying all of your grand security ideas.
While true you are adopting a 'throw the baby out with the bathwater' attitude. Security can also focus on what needs to be done, eliminate distractions, remove 'cart-before-the-horse' scenarios, garner budget, coordinate activities of various groups, achieve economies of scale, assure consistency, and from a management perspective it has a number of advantages related to legal and regulatory matters. I realise that a highly focused 'heads-down' sysadmin won't see any of these aspects, but business does need to deal with this. From a business POV its as essential bas a disaster recovery plan.
When you cross a domain, you're going outside of not only the tightly knit group, you're typically going across organizational lines, too (like Engineering and Accounting).
That may be true in some circumstances but there are many situations where the 'domains' exist as silos withing the same group. Brokers at a brokerage need to have 'Chinese walls' that limit what can be communicated between different brokers. One of the advantages of RBAC is the way you can define a hierarchy -- something that is very difficult to do with the basic UNIX groups mechanism.
Not every organization is the Department of Defense.
True. There are banks, there are brokerages, there are companies like Ford and GM that have 'trade secrets' and need to protect against stock manipulation. Heck, its very clear that the basic infrastructure of the internet, the routers and DNS servers, and key services like Google need a level of security which exceeds that demonstrated by the DoD/MoD. And that's before we get into issues of civilian infrastructure. All of which makes it very clear -- look to the evidence -- that end users and the mass of sysadmins in the US government agencies are not implementing basic security measures. By many scales, commercial organizations seem better at computer security than the DoD. [1] http://www.amazon.com/After-Gold-Rush-Profession-Engineering/dp/0735608776 http://www.stevemcconnell.com/psd/12-softwaregoldrushes.htm -- /"\ \ / ASCII Ribbon Campaign X Against HTML Mail / \ -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org
Le 09/07/2014 15:11, Anton Aylward a écrit :
management's responsibility. Letting admins make decisions about this according to their personal judgement means that management is failing in its (possibly fudicial) duty.
you still need an admin to take the decision :-). Some enforcements can make things very difficult to manage, there is always a tradoff between ease and security.
attitude. Security can also focus on what needs to be done, eliminate distractions, remove 'cart-before-the-horse' scenarios, garner budget, coordinate activities of various groups, achieve economies of scale, assure consistency, and from a management perspective it has a number of advantages related to legal and regulatory matters.
what you describe is ideal world :-) - seeing the number of banks still using the usual login/passwd system to login shows that it's not that common :-(
implementing basic security measures. By many scales, commercial organizations seem better at computer security than the DoD.
not o many, I fear. And do not misunderstand me: you are perfectly right on what you ask, I only doubt so many company do so, alas jdd -- http://www.dodin.org -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On 07/07/14 15:57, Basil Chupin wrote:
Before C left us he asked the question about how to clean up the 'temp' directories which, in his case, consumed a large volume of his disk space. This problem was solved.
But, what - if anything - cleans out, or should clean out, the /.thumbnails directory in /home?
I had forgotten about this until just now and when I looked in this directory it was 23MB big - so, using mc, I deleted the contents (which is what I did in the past).
But is there some automatic way of clearing this directory?
Gwenview has a setting to delete thumbnails on exit.
(The contents of this directory are rather dangerous because every pic/graphic you look at on the web or which is on your system has a thumbnail created in /.thumbnails. And whoever has access to your /home directory can look at what you have been looking at - like all those stimulating and exiting naughty-type pictures - of dogs and cats and fish of course :-) .)
Sort out your ownerships/permissions. Bob - -- Bob Williams System: Linux 3.11.10-17-desktop Distro: openSUSE 13.1 (x86_64) with KDE Development Platform: 4.13.2 Uptime: 06:00am up 1 day 9:43, 4 users, load average: 0.13, 0.07, 0.06 -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.22 (GNU/Linux) Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/ iEYEARECAAYFAlO6u7UACgkQ0Sr7eZJrmU7IVACfbwEzypHqR0DtAADZ7v01Ejvo WdQAnA4VviytPRDuXiygNFOPZqQE9oJb =ieG0 -----END PGP SIGNATURE----- -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org
On 08/07/14 01:24, Bob Williams wrote:
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
On 07/07/14 15:57, Basil Chupin wrote:
Before C left us he asked the question about how to clean up the 'temp' directories which, in his case, consumed a large volume of his disk space. This problem was solved.
But, what - if anything - cleans out, or should clean out, the /.thumbnails directory in /home?
I had forgotten about this until just now and when I looked in this directory it was 23MB big - so, using mc, I deleted the contents (which is what I did in the past).
But is there some automatic way of clearing this directory?
Gwenview has a setting to delete thumbnails on exit.
So I discovered thanks to you - and I have just set it to zap the /.thumbnails directory in /home :-) .
(The contents of this directory are rather dangerous because every pic/graphic you look at on the web or which is on your system has a thumbnail created in /.thumbnails. And whoever has access to your /home directory can look at what you have been looking at - like all those stimulating and exiting naughty-type pictures - of dogs and cats and fish of course :-) .)
Sort out your ownerships/permissions.
Ownerships/permissions are useless if you walk away from your computer and do not, say, Lock the Screen. Nor are they of any use if the Administrator wants access to your computer. But, in any case, I see little point in having this directory. What's the point in generating a thumbnail for a graphic over and over again if I were to view that same graphic every day for a week? And coupled with this, while I can see SOME method in the madness of having a list of Recently Used Documents (text, pix, etc) and Applications in Gecko>Recently Used I cannot see what *real* value this facility offers. (And this info is stored in another /home directory: /.kde[4]/share/apps/RecentDocuments .) (But mind you, having the /.thumbnails and the RecentDocuments thingies is a great thing for parents to see what the kids are doing - or for the wife to see why the hubby is staying up late into the night after wifey goes to bed 8-) .) BC -- Using openSUSE 13.1, KDE 4.13.2 & kernel 3.15.3-1 on a system with- AMD FX 8-core 3.6/4.2GHz processor 16GB PC14900/1866MHz Quad Channel RAM Gigabyte AMD3+ m/board; Gigabyte nVidia GTX660 GPU -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org
Le 08/07/2014 09:35, Basil Chupin a écrit :
Ownerships/permissions are useless if you walk away from your computer and do not, say, Lock the Screen.
you may as well forgot a nice photo in your pocket, or visa card invoice :-). If you don't minf being cautious, you will be caught anyway. Lock your screen :-) Nor are they of any use if the Administrator wants
access to your computer.
if you are not the admin, you may not be aware of all what is watching you :-)
But, in any case, I see little point in having this directory. What's the point in generating a thumbnail for a graphic over and over again if I were to view that same graphic every day for a week?
? May be I don't understand, but the purpose of this folders is *not* to have to rebuild the thumbnail. It's specially usefull if you browse youy photo collection as I do, generating th on the go is very time consuming.
(But mind you, having the /.thumbnails and the RecentDocuments thingies is a great thing for parents to see what the kids are doing - or for the wife to see why the hubby is staying up late into the night after wifey goes to bed 8-) .)
yes, looking at messenger cache is very instructive, including in windows :-)) what surprises me is that firefox use kde folders and not it's own one jdd -- http://www.dodin.org -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org
On 07/07/14 16:57, Basil Chupin wrote:
Before C left us he asked the question about how to clean up the 'temp' directories which, in his case, consumed a large volume of his disk space. This problem was solved.
But, what - if anything - cleans out, or should clean out, the /.thumbnails directory in /home?
I had forgotten about this until just now and when I looked in this directory it was 23MB big - so, using mc, I deleted the contents (which is what I did in the past).
But is there some automatic way of clearing this directory?
(The contents of this directory are rather dangerous because every pic/graphic you look at on the web or which is on your system has a thumbnail created in /.thumbnails. And whoever has access to your /home directory can look at what you have been looking at - like all those stimulating and exiting naughty-type pictures - of dogs and cats and fish of course :-) .)
What web browser are you using? Is it Konqueror or Rekonq? As far as I know, only local images viewed on your system using Dolphin, Konqueror or perhaps another file manager integrated into the DE, and seen either by having Preview mode operational in the folder or by hovering over / selecting the image file to cause a preview/tooltip to appear, have thumbnails stored in this directory, not anything seen on the web, unless of course you saved and/or manipulated a web image in some way. Perhaps using Konqueror as a web browser would cache web images too, though I've never been aware of that. 23MB sounds small to me. My own has grown to enormous proportions at times and it's good to flush it out. But I do that manually. Would a tool like Bleachbit handle that? Somebody else commented that Gwenview has a function to delete thumbnails on exit. I have a feeling that function applies system-wide once set, meaning those viewed in Dolphin would get wiped too, but perhaps you'd have to open and close Gwenview on a regular schedule in order for the wipe to take effect. Peter -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org
On 08/07/14 05:43, Peter wrote:
On 07/07/14 16:57, Basil Chupin wrote:
Before C left us he asked the question about how to clean up the 'temp' directories which, in his case, consumed a large volume of his disk space. This problem was solved.
But, what - if anything - cleans out, or should clean out, the /.thumbnails directory in /home?
I had forgotten about this until just now and when I looked in this directory it was 23MB big - so, using mc, I deleted the contents (which is what I did in the past).
But is there some automatic way of clearing this directory?
(The contents of this directory are rather dangerous because every pic/graphic you look at on the web or which is on your system has a thumbnail created in /.thumbnails. And whoever has access to your /home directory can look at what you have been looking at - like all those stimulating and exiting naughty-type pictures - of dogs and cats and fish of course :-) .)
What web browser are you using?
Firefox (v320a2)
Is it Konqueror or Rekonq? As far as I know, only local images viewed on your system using Dolphin, Konqueror or perhaps another file manager integrated into the DE, and seen either by having Preview mode operational in the folder or by hovering over / selecting the image file to cause a preview/tooltip to appear, have thumbnails stored in this directory, not anything seen on the web, unless of course you saved and/or manipulated a web image in some way. Perhaps using Konqueror as a web browser would cache web images too, though I've never been aware of that.
23MB sounds small to me.
That was 28MB...
My own has grown to enormous proportions at times and it's good to flush it out. But I do that manually. Would a tool like Bleachbit handle that? Somebody else commented that Gwenview has a function to delete thumbnails on exit. I have a feeling that function applies system-wide once set, meaning those viewed in Dolphin would get wiped too, but perhaps you'd have to open and close Gwenview on a regular schedule in order for the wipe to take effect.
The 'ADVANCED' Settings in Gwenview warn you that selecting this option to clean the cache will actually delete the /.thumbnails directory in your /home. So with this warning ringing in my ears I have just set Gwenview to zap the /.thumbnails directory :-) . BC -- Using openSUSE 13.1, KDE 4.13.2 & kernel 3.15.3-1 on a system with- AMD FX 8-core 3.6/4.2GHz processor 16GB PC14900/1866MHz Quad Channel RAM Gigabyte AMD3+ m/board; Gigabyte nVidia GTX660 GPU -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org
participants (8)
-
Anton Aylward -
Basil Chupin -
Bob Williams -
Dirk Gently -
James Knott -
jdd -
Ken Schneider - openSUSE -
Peter