Open naglis opened 6 months ago
That's an interesting case. We can't move the file the symlink points to, since another symlink may point to that as well. On the other hand, it doesn't make sense to move just the symlink, as this is brittle (as you correctly pointed out).
What we should probably do here is:
unsafe/
This way, it's less easy for the user to accidentally click on the original file (that's the spirit of the archiving feature), and we are sure that they can recover the original file from the unsafe/
directory, even if they move stuff around (also very important).
Tested on dangerzone 0.6.0 on Arch Linux. Steps to reproduce via CLI (AFAICT the outcome is the same if converting via GUI):
The output from the
file
command on the last line:The symlink that was passed to dangerzone is archived, the original "unsafe" file at
test_symlink/subdir/sample.pdf
still exists. Since the symlink is renamed (moved), if the symlink was relative (i.e. it did not point to an absolute path) after archiving (moving) the symlink becomes broken. Since the intention of archival is to move the original potentially unsafe document to theunsafe
directory and prevent the user from mistakenly opening it, the goal is not achieved.I am not sure how probable it is that the user would make links to documents and then pass them to dangerzone, but I think the case should at least be known/considered. I also am not sure what the correct behavior in such case should be:
3 and 4 do not achieve the goal of "marking" the original document as unsafe since it would still exist at the original path, so I do not think they are good solutions.