[Pkg-chromium-maint] Bug#883746: chromium: secretly stores referer and url for downloaded files

Adam Borowski kilobyte at angband.pl
Thu Dec 7 05:40:23 UTC 2017

Package: chromium
Version: 62.0.3202.89-1
Severity: important

If you download and save a file with Chromium (even in incognito mode), it
saves potentially sensitive metadata in a way that's completely unknown to
almost all users, even highly technical ones:

user.xdg.referrer.url: https://angband.pl/tmp/
user.xdg.origin.url: https://angband.pl/tmp/20130210_001.jpg

This photo is embarrassing, but not overwhelmingly so.  It also, on its own,
appears to include no way to tie to me in particular.  There's EXIF but,
coming from a sane camera, it has no GPS data or whatever.  Yet, once the
URL is smuggled, the link to me is obvious, and it's easy to distort the
image's story into something that could get someone fired or otherwise
publicly shamed (based on typical kitten behaviour).

And it can get worse: imagine (werewolf protection) a kiddie porn image,
or a secret government file ("Hillary and Donald, sitting in a tree,

In this case, referer is uninteresting, but it can be as bad or worse than
the URL itself.

This is a concern when the file is copied to any xattr-preserving media,
such as a USB stick or a CIFS mount -- or, if your computer itself is

-- System Information:
Debian Release: buster/sid
  APT prefers unstable-debug
  APT policy: (500, 'unstable-debug'), (500, 'unstable'), (500, 'testing'), (150, 'experimental')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 4.15.0-rc2-debug-00195-g50510b7395bf (SMP w/5 CPU cores)
Locale: LANG=C.UTF-8, LC_CTYPE=C.UTF-8 (charmap=UTF-8), LANGUAGE=C.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: sysvinit (via /sbin/init)

Versions of packages chromium depends on:
ii  chromium-common      62.0.3202.89-1
ii  libasound2           1.1.3-5
ii  libatk1.0-0          2.26.1-1
ii  libavcodec57         7:3.4-4
ii  libavformat57        7:3.4-4
ii  libavutil55          7:3.4-4
ii  libc6                2.25-3
ii  libcairo2            1.15.8-2
ii  libcups2             2.2.6-2
ii  libdbus-1-3          1.12.2-1.0nosystemd1
ii  libevent-2.1-6       2.1.8-stable-4
ii  libexpat1            2.2.3-2
ii  libflac8             1.3.2-1
ii  libfontconfig1       2.12.6-0.1
ii  libfreetype6         2.8.1-0.1
ii  libgcc1              1:7.2.0-17
ii  libgdk-pixbuf2.0-0   2.36.11-1
ii  libglib2.0-0         2.54.2-1
ii  libgtk2.0-0          2.24.31-4
ii  libharfbuzz0b        1.7.1-1
ii  libicu57             57.1-8
ii  libjpeg62-turbo      1:1.5.2-2+b1
ii  liblcms2-2           2.8-4
ii  libminizip1          1.1-8+b1
ii  libnspr4             2:4.16-1+b1
ii  libnss3              2:3.34-1
ii  libopus0             1.2.1-1
ii  libpango-1.0-0       1.40.13-2
ii  libpangocairo-1.0-0  1.40.13-2
ii  libpng16-16          1.6.34-1
ii  libpulse0            11.1-3.0nosystemd1
ii  libre2-3             20170101+dfsg-1
ii  libsnappy1v5         1.1.7-1
ii  libstdc++6           7.2.0-17
ii  libvpx4              1.6.1-3
ii  libwebp6             0.6.0-4
ii  libwebpdemux2        0.6.0-4
ii  libwebpmux3          0.6.0-4
ii  libx11-6             2:1.6.4-3
ii  libx11-xcb1          2:1.6.4-3
ii  libxcb1              1.12-1
ii  libxcomposite1       1:0.4.4-2
ii  libxcursor1          1:1.1.14-3
ii  libxdamage1          1:1.1.4-3
ii  libxext6             2:1.3.3-1+b2
ii  libxfixes3           1:5.0.3-1
ii  libxi6               2:1.7.9-1
ii  libxml2              2.9.4+dfsg1-5.1
ii  libxrandr2           2:1.5.1-1
ii  libxrender1          1:0.9.10-1
ii  libxslt1.1           1.1.29-5
ii  libxss1              1:1.2.2-1+b2
ii  libxtst6             2:1.2.3-1
ii  zlib1g               1:1.2.8.dfsg-5

Versions of packages chromium recommends:
ii  fonts-liberation  1:1.07.4-5

Versions of packages chromium suggests:
pn  chromium-driver    <none>
pn  chromium-l10n      <none>
pn  chromium-shell     <none>
pn  chromium-widevine  <none>

-- no debconf information
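The attributes quoted in the report can be audited and removed with the Linux xattr calls in Python's os module. The following is an added example, not code from the report or from Chromium; the attribute names come from the report, while the file and URLs in demo() are constructed.

```python
import errno
import os
import tempfile

# Attribute names quoted in the report; Chromium writes them on every saved download.
CHROMIUM_URL_XATTRS = ("user.xdg.origin.url", "user.xdg.referrer.url")

def leaked_urls(path):
    """Map each Chromium origin/referrer xattr present on `path` to its URL.
    Filesystems without user-xattr support (ENOTSUP) yield an empty dict."""
    try:
        present = set(os.listxattr(path))
    except OSError as exc:
        if exc.errno == errno.ENOTSUP:
            return {}
        raise
    return {name: os.getxattr(path, name).decode("utf-8", "replace")
            for name in CHROMIUM_URL_XATTRS if name in present}

def scrub_urls(path):
    """Remove the origin/referrer xattrs from `path`; return the names removed."""
    removed = []
    for name in leaked_urls(path):
        os.removexattr(path, name)
        removed.append(name)
    return removed

def demo(directory=None):
    """Constructed check: tag a temp file the way Chromium would, detect, scrub, re-check."""
    fd, path = tempfile.mkstemp(dir=directory, suffix=".jpg")
    os.close(fd)
    try:
        try:  # sample URLs are constructed, not taken from the report
            os.setxattr(path, "user.xdg.origin.url", b"https://example.invalid/tmp/photo.jpg")
            os.setxattr(path, "user.xdg.referrer.url", b"https://example.invalid/tmp/")
        except OSError as exc:
            if exc.errno == errno.ENOTSUP:
                return {"supported": False}
            raise
        before, removed = leaked_urls(path), sorted(scrub_urls(path))
        return {"supported": True, "before": before, "removed": removed, "after": leaked_urls(path)}
    finally:
        os.unlink(path)
```

Running leaked_urls over the files from os.walk on a mounted USB stick shows which copies still carry the URLs before the media leaves your hands.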
