← Back to context

Comment by mschuster91

9 hours ago

> System and root directories cannot be selected.

That desperately needs something like the Public Suffix List [1] - a community-managed list where authors of software can blacklist directories containing sensitive files or such files directly for all browsers implementing this feature.

If I were to design such a list, it would include ~/.ssh, ~/.aws, ~/.config, ~/Library, ~/.{ba,z}sh{rc,_profile,_history}, ~/.m2, ~/.npm, ~/.npmrc, ~/.profile at the very least. Because users will get phished.

[1] https://en.wikipedia.org/wiki/Public_Suffix_List

4 comments

mschuster91

Reply
inigyou  9 hours ago

This is still a security nightmare! You won't get every folder, or even enough folders.

codedokode  7 hours ago

Black listing is never secure. White listing is. Sadly some really smart person decided it was a good idea to store pictures and SSH keys within the same directory tree.

  • Diti  1 minute ago

    If you see a directory for pictures, it means XDG directories are available in your system. Then you can change their location at will, and place them as deep in your user directory as you like.

    My Nix Home Manager settings for XDG directories:

        xdg.userDirs = {
      enable = true;
      createDirectories = true;
      desktop = "${config.home.homeDirectory}/var/desktop";
      documents = "${config.home.homeDirectory}/opt/docs";
      download = "${config.home.homeDirectory}/var/download";
      music = "${config.home.homeDirectory}/opt/art/music";
      pictures = "${config.home.homeDirectory}/opt/art/visual/picture";
      publicShare = "${config.home.homeDirectory}/var/public";
      videos = "${config.home.homeDirectory}/opt/art/visual/video";
      templates = "${config.home.homeDirectory}/opt/templates";
    };

  • yjftsjthsd-h  3 hours ago

    > Sadly some really smart person decided it was a good idea to store pictures and SSH keys within the same directory tree.

    ~/Pictures and ~/.ssh are as far apart as they can be while staying in the user's home directory. I guess you could stick stuff in... /var or something, but that seems worse overall.