** Information type changed from Private Security to Public Security ** Changed in: file-roller (Ubuntu) Status: New => Confirmed
** Changed in: file-roller (Ubuntu) Importance: Undecided => Low -- You received this bug notification because you are a member of Desktop Packages, which is subscribed to file-roller in Ubuntu. https://bugs.launchpad.net/bugs/1525038 Title: Encrypted files left plain-text on the cache folder Status in file-roller package in Ubuntu: Confirmed Bug description: Used version: 3.10.2.1 OS: Ubuntu 14.04 Steps: Open an archive (7z format), double-click an encrypted file, type the password, the file is opened in LibreOffice Writer, the decrypted temporary file is located in the .cache folder, close LibreOffice Writer (with or without saving), close file-roller after confirming to update the file inside the archive. I figure out that the plain-text file is still present in the cache folder. LibreOffice Writer can even reopen it as "recent file" ! I believe it's a major security risk. Why file-roller doesn't remove the temporary plain-text file when closing? To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/file-roller/+bug/1525038/+subscriptions -- Mailing list: https://launchpad.net/~desktop-packages Post to : desktop-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~desktop-packages More help : https://help.launchpad.net/ListHelp