Every time I type a word, it generates a log (/tmp/rime.fcitx-rime.INFO) like this:

I0224 01:08:53.890812 8381 user_dictionary.cc:219] forward scanning for 'cun en '.
I0224 01:08:53.890826 8381 user_dictionary.cc:196] prefix: 'cun ', syll_id: 85, num_spellings: 1
I0224 01:08:53.890836 8381 user_dictionary.cc:217] edge: [1, 2)
I0224 01:08:53.890843 8381 user_dictionary.cc:219] forward scanning for 'cun eng '.
I0224 01:08:53.890857 8381 user_dictionary.cc:196] prefix: 'cun ', syll_id: 86, num_spellings: 1
I0224 01:08:53.890867 8381 user_dictionary.cc:217] edge: [1, 2)
I0224 01:08:53.890875 8381 user_dictionary.cc:219] forward scanning for 'cun er '.
I0224 01:08:53.890889 8381 user_dictionary.cc:196] prefix: '', syll_id: 56, num_spellings: 1
I0224 01:08:53.890898 8381 user_dictionary.cc:217] edge: [0, 1)
I0224 01:08:53.890906 8381 user_dictionary.cc:219] forward scanning for 'cuo '.
I0224 01:08:53.890938 8381 menu.cc:22] 1 translations added.
I0224 01:08:53.890954 8381 dictionary.cc:95] creating temporary dict entry '測試'.
I0224 01:08:53.890969 8381 script_translator.cc:483] phrase '測試', code length: 1
I0224 01:08:53.890998 8381 dictionary.cc:95] creating temporary dict entry '廁所'.
I0224 01:08:53.891011 8381 script_translator.cc:483] phrase '廁所', code length: 1
I0224 01:08:53.891062 8381 menu.cc:30] preparing 1 candidates.
I0224 01:08:53.891074 8381 dictionary.cc:95] creating temporary dict entry '測算'.
I0224 01:08:53.891096 8381 script_translator.cc:483] phrase '測算', code length: 1
I0224 01:08:53.891052 8381 engine.cc:159] composition: {abc}ces=>测试
I0224 01:08:53.891111 8381 key_binding_processor_impl.h:49] action key accepted: BackSpace
I0224 01:08:53.891134 8381 menu.cc:30] preparing 5 candidates.
I0224 01:08:53.891140 8381 dictionary.cc:95] creating temporary dict entry '測速'.
I0224 01:08:53.891152 8381 script_translator.cc:483] phrase '測速', code length: 1
I0224 01:08:53.891166 8381 dictionary.cc:95] creating temporary dict entry '側身'.
That is actually what I am typing, and every user on the machine can read it. It's not just a bug, it's a security hole.

Workaround: add -DENABLE_LOGGING=OFF to mycmakeargs, then rebuild it.

Reproducible: Always

Steps to Reproduce:
1. Just install an IME which uses librime and type (e.g. fcitx-rime, fcitx5-rime)

Actual Results: generated log with personal sensitive information

Expected Results: no log, or a log that does not include sensitive information
The workaround was only tested on librime-1.4.0, because 1.5.3 does not work; it just crashes.
The problem is for upstream to solve.

ENABLE_LOGGING=ON is the default. ENABLE_LOGGING=ON enables a dependency on Glog.

Other distributions have LibRIME with a dependency on Glog and no -DENABLE_LOGGING=OFF passed to cmake:

Arch Linux:
https://git.archlinux.org/svntogit/community.git/tree/trunk/PKGBUILD?h=packages/librime

Debian:
https://salsa.debian.org/input-method-team/librime/blob/master/debian/control
https://salsa.debian.org/input-method-team/librime/blob/master/debian/rules

Fedora:
https://apps.fedoraproject.org/packages/librime/sources/spec

Glog provides the possibility to configure various things, including log level, log directory and log file mode bits:
https://github.com/google/glog/blob/master/doc/glog.html
https://github.com/google/glog/blob/master/src/glog/logging.h.in
https://github.com/google/glog/blob/4db06313464dadb5c5ca2619f3a461f0b61a07dc/src/glog/logging.h.in#L356-L365
https://github.com/google/glog/blob/master/src/logging.cc
https://github.com/google/glog/blob/e5588de96d5305d5da00ad32bc31fda0864f3bfc/src/logging.cc#L134-L135
https://github.com/google/glog/blob/e5588de96d5305d5da00ad32bc31fda0864f3bfc/src/logging.cc#L149-L167

So the LibRIME source code should set the appropriate variable (at least FLAGS_logfile_mode=0600 to avoid the security problem).

In the case of the log directory, LibRIME could expose the ability for its users (e.g. Fcitx-RIME, IBus-RIME) to set the log directory. E.g. Fcitx scarcely uses the ~/.config/fcitx/log directory, so this location could be set by Fcitx-RIME.

Ideally the logging level would be configurable in the relevant GUI configuration editors of Fcitx-RIME and IBus-RIME...
(In reply to OwenJia from comment #1)
> 1.5.3 can not work, it's just crash.

It was probably bug #692950. After updating dev-libs/darts and rebuilding app-i18n/librime-1.5.3, app-i18n/librime-1.5.3 is likely to work.
https://github.com/rime/librime/issues/316 (Please test if my patch from this upstream bug works for you.)
The bug has been referenced in the following commit(s):

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=d149e41c89b85dff47bd5cdc332e6c0817acdd72

commit d149e41c89b85dff47bd5cdc332e6c0817acdd72
Author:     Arfrever Frehtes Taifersar Arahesis <Arfrever@Apache.Org>
AuthorDate: 2019-12-23 21:18:36 +0000
Commit:     Mike Gilbert <floppym@gentoo.org>
CommitDate: 2019-12-29 19:31:34 +0000

    app-i18n/librime: Set secure mode of log files.

    Bug: https://bugs.gentoo.org/695702
    Signed-off-by: Arfrever Frehtes Taifersar Arahesis <Arfrever@Apache.Org>
    Signed-off-by: Mike Gilbert <floppym@gentoo.org>

 app-i18n/librime/files/librime-1.5.3-log_files_mode.patch | 14 ++++++++++++++
 .../{librime-1.5.3.ebuild => librime-1.5.3-r1.ebuild} | 6 +++++-
 2 files changed, 19 insertions(+), 1 deletion(-)

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=313353afecffe37667c99824285f012d0b342676

commit 313353afecffe37667c99824285f012d0b342676
Author:     Arfrever Frehtes Taifersar Arahesis <Arfrever@Apache.Org>
AuthorDate: 2019-12-23 21:16:10 +0000
Commit:     Mike Gilbert <floppym@gentoo.org>
CommitDate: 2019-12-29 19:31:34 +0000

    app-i18n/librime: Add "debug" USE flag.

    Bug: https://bugs.gentoo.org/695702
    Signed-off-by: Arfrever Frehtes Taifersar Arahesis <Arfrever@Apache.Org>
    Signed-off-by: Mike Gilbert <floppym@gentoo.org>

 app-i18n/librime/librime-1.5.3.ebuild | 8 +++++++-
 app-i18n/librime/metadata.xml | 3 +++
 2 files changed, 10 insertions(+), 1 deletion(-)
Upstream recommends having logging enabled (ENABLE_LOGGING=ON), but disabling debugging-level logging. Debugging-level logging is now controlled by the "debug" USE flag, which is disabled by default. All logs are now created with 0600 mode for increased security.
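
An added check, not part of the original thread or of the Gentoo or librime code: a small audit that lists librime log files still accessible to group or other users and can tighten the caller's own files to 0600, for logs written before the fix. It assumes log names start with "rime." (taken from the /tmp/rime.fcitx-rime.INFO path in the report); the function names and the sample file names are constructed for illustration.

```python
import os
import stat

# Assumption: log names start with "rime.", as in /tmp/rime.fcitx-rime.INFO above.
LOG_PREFIX = "rime."
BEYOND_OWNER = stat.S_IRWXG | stat.S_IRWXO  # any group/other permission bit


def audit_logs(directory, prefix=LOG_PREFIX, fix=False):
    """Return sorted [(name, mode)] of log files accessible beyond their owner.

    With fix=True, files owned by the calling user are tightened to 0600.
    """
    findings = []
    with os.scandir(directory) as entries:
        for entry in entries:
            if not entry.name.startswith(prefix):
                continue
            st = entry.stat(follow_symlinks=False)
            # glog keeps a short-named symlink to the current log file; the
            # mode that matters is on the regular file, so skip links.
            if not stat.S_ISREG(st.st_mode):
                continue
            mode = stat.S_IMODE(st.st_mode)
            if mode & BEYOND_OWNER:
                findings.append((entry.name, mode))
                if fix and st.st_uid == os.getuid():
                    os.chmod(entry.path, 0o600)
    return sorted(findings)


def build_sample(directory):
    """Constructed sample: one exposed log, one private log, a symlink, a bystander."""
    names = {
        "rime.fcitx-rime.host.user.log.INFO.1": 0o644,  # exposed
        "rime.fcitx-rime.host.user.log.INFO.2": 0o600,  # already private
        "other.log": 0o644,                              # not a rime log
    }
    for name, mode in names.items():
        path = os.path.join(directory, name)
        with open(path, "w") as fh:
            fh.write("constructed sample line\n")
        os.chmod(path, mode)
    os.symlink("rime.fcitx-rime.host.user.log.INFO.1",
               os.path.join(directory, "rime.fcitx-rime.INFO"))


if __name__ == "__main__":
    for name, mode in audit_logs("/tmp"):
        print(f"{mode:04o} {name}")
```

Run as the affected user with fix=True to tighten existing files; files owned by other users are reported but left untouched.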
GLSA Vote: No

Repository is clean, all done!