Skip to content
  • Categories
  • Recent
  • Tags
  • Popular
  • World
  • Users
  • Groups
Skins
  • Light
  • Cerulean
  • Cosmo
  • Flatly
  • Journal
  • Litera
  • Lumen
  • Lux
  • Materia
  • Minty
  • Morph
  • Pulse
  • Sandstone
  • Simplex
  • Sketchy
  • Spacelab
  • United
  • Yeti
  • Zephyr
  • Dark
  • Cyborg
  • Darkly
  • Quartz
  • Slate
  • Solar
  • Superhero
  • Vapor

  • Default (No Skin)
  • No Skin
Collapse
Brand Logo

agnos.is Forums

  1. Home
  2. Linux
  3. Warning: Gnome file manager (Nautilus) can make remote requests when previewing files

Warning: Gnome file manager (Nautilus) can make remote requests when previewing files

Scheduled Pinned Locked Moved Linux
linux
30 Posts 27 Posters 111 Views
  • Oldest to Newest
  • Newest to Oldest
  • Most Votes
Reply
  • Reply as topic
Log in to reply
This topic has been deleted. Only users with topic management privileges can see it.
  • C [email protected]

    Well its also a simple browser so it will preview the HTML page like any other browser would. But I don't know about audio files though.

    ? Offline
    ? Offline
    Guest
    wrote on last edited by
    #3

    Yes but an HTML file is very different from a website. At the very least I'd like an option to disable all remote requests, or disable previews for certain file formats.

    1 Reply Last reply
    0
    • ? Guest

      I just found this out recently. So this isn't actually Nautilus itself but it's the file previewer (Gnome Sushi) that comes with it. If you select a file and press the spacebar, it will automatically preview the file if it supported. If the file is an audio file, it will automatically fetch album art from the web, and if the file is an HTML file, it can make third-party requests. IMHO this is a huge privacy issue. For example if you were browsing the web using Tor Browser and saved a page to view offline, and then later accidentally opened it using the file previewer, it will make requests through the clearnet, exposing your IP.

      This is an open issue and I don't expect it to be fixed anytime soon, so the easiest solution is to simply uninstall Gnome Sushi (on Fedora, it is the sushi package).

      ? Offline
      ? Offline
      Guest
      wrote on last edited by
      #4

      They know what's good for the user, be greatful.

      P cujo@sh.itjust.worksC 2 Replies Last reply
      0
      • ? Guest

        I just found this out recently. So this isn't actually Nautilus itself but it's the file previewer (Gnome Sushi) that comes with it. If you select a file and press the spacebar, it will automatically preview the file if it supported. If the file is an audio file, it will automatically fetch album art from the web, and if the file is an HTML file, it can make third-party requests. IMHO this is a huge privacy issue. For example if you were browsing the web using Tor Browser and saved a page to view offline, and then later accidentally opened it using the file previewer, it will make requests through the clearnet, exposing your IP.

        This is an open issue and I don't expect it to be fixed anytime soon, so the easiest solution is to simply uninstall Gnome Sushi (on Fedora, it is the sushi package).

        darklamer@lemmy.dbzer0.comD This user is from outside of this forum
        darklamer@lemmy.dbzer0.comD This user is from outside of this forum
        [email protected]
        wrote on last edited by
        #5

        Thanks for the tip! Despite never actually using sushi, I had it installed so now I've uninstalled it to avoid using it by accident.

        that_leaflet@lemmy.worldT 1 Reply Last reply
        0
        • ? Guest

          I just found this out recently. So this isn't actually Nautilus itself but it's the file previewer (Gnome Sushi) that comes with it. If you select a file and press the spacebar, it will automatically preview the file if it supported. If the file is an audio file, it will automatically fetch album art from the web, and if the file is an HTML file, it can make third-party requests. IMHO this is a huge privacy issue. For example if you were browsing the web using Tor Browser and saved a page to view offline, and then later accidentally opened it using the file previewer, it will make requests through the clearnet, exposing your IP.

          This is an open issue and I don't expect it to be fixed anytime soon, so the easiest solution is to simply uninstall Gnome Sushi (on Fedora, it is the sushi package).

          F This user is from outside of this forum
          F This user is from outside of this forum
          [email protected]
          wrote on last edited by
          #6

          While good for privacy, this sounds like an awful UX change for the average person. Some sort of nice toggle to disable it would be good, but removing it all together would probably annoy more people than it benefits.

          R X T 3 Replies Last reply
          0
          • F [email protected]

            While good for privacy, this sounds like an awful UX change for the average person. Some sort of nice toggle to disable it would be good, but removing it all together would probably annoy more people than it benefits.

            R This user is from outside of this forum
            R This user is from outside of this forum
            [email protected]
            wrote on last edited by
            #7

            It could be implemented the same as most email clients do. A simple message "load external content" with an option to always load.

            1 Reply Last reply
            0
            • C [email protected]

              Well its also a simple browser so it will preview the HTML page like any other browser would. But I don't know about audio files though.

              zagorath@aussie.zoneZ This user is from outside of this forum
              zagorath@aussie.zoneZ This user is from outside of this forum
              [email protected]
              wrote on last edited by
              #8

              IMO a "simple browser" of this sort should display literally only the content in the HTML file itself. It shouldn't even view CSS stored in a separate local CSS file, let alone reach out to the web to download more content.

              1 Reply Last reply
              0
              • F [email protected]

                While good for privacy, this sounds like an awful UX change for the average person. Some sort of nice toggle to disable it would be good, but removing it all together would probably annoy more people than it benefits.

                X This user is from outside of this forum
                X This user is from outside of this forum
                [email protected]
                wrote on last edited by
                #9

                A setting that pulls information from the clear net should be up to the user and not a default setting, IMO.

                1 Reply Last reply
                0
                • ? Guest

                  I just found this out recently. So this isn't actually Nautilus itself but it's the file previewer (Gnome Sushi) that comes with it. If you select a file and press the spacebar, it will automatically preview the file if it supported. If the file is an audio file, it will automatically fetch album art from the web, and if the file is an HTML file, it can make third-party requests. IMHO this is a huge privacy issue. For example if you were browsing the web using Tor Browser and saved a page to view offline, and then later accidentally opened it using the file previewer, it will make requests through the clearnet, exposing your IP.

                  This is an open issue and I don't expect it to be fixed anytime soon, so the easiest solution is to simply uninstall Gnome Sushi (on Fedora, it is the sushi package).

                  H This user is from outside of this forum
                  H This user is from outside of this forum
                  [email protected]
                  wrote on last edited by
                  #10

                  It probably downloads remote images in PDFs too, but I don’t know that for sure.

                  1 Reply Last reply
                  0
                  • ? Guest

                    I just found this out recently. So this isn't actually Nautilus itself but it's the file previewer (Gnome Sushi) that comes with it. If you select a file and press the spacebar, it will automatically preview the file if it supported. If the file is an audio file, it will automatically fetch album art from the web, and if the file is an HTML file, it can make third-party requests. IMHO this is a huge privacy issue. For example if you were browsing the web using Tor Browser and saved a page to view offline, and then later accidentally opened it using the file previewer, it will make requests through the clearnet, exposing your IP.

                    This is an open issue and I don't expect it to be fixed anytime soon, so the easiest solution is to simply uninstall Gnome Sushi (on Fedora, it is the sushi package).

                    tasankovasara@sopuli.xyzT This user is from outside of this forum
                    tasankovasara@sopuli.xyzT This user is from outside of this forum
                    [email protected]
                    wrote on last edited by
                    #11

                    Thanks for tipping the previewer's name. Not concerned with the (valid) sec aspect personally, but I've accidentally hit space a couple of times since meta+shift+space is Sway's default for floating / tiling a window and I don't use the preview anyway. Let's uninstall.

                    1 Reply Last reply
                    0
                    • ? Guest

                      I just found this out recently. So this isn't actually Nautilus itself but it's the file previewer (Gnome Sushi) that comes with it. If you select a file and press the spacebar, it will automatically preview the file if it supported. If the file is an audio file, it will automatically fetch album art from the web, and if the file is an HTML file, it can make third-party requests. IMHO this is a huge privacy issue. For example if you were browsing the web using Tor Browser and saved a page to view offline, and then later accidentally opened it using the file previewer, it will make requests through the clearnet, exposing your IP.

                      This is an open issue and I don't expect it to be fixed anytime soon, so the easiest solution is to simply uninstall Gnome Sushi (on Fedora, it is the sushi package).

                      ferk@lemmy.mlF This user is from outside of this forum
                      ferk@lemmy.mlF This user is from outside of this forum
                      [email protected]
                      wrote on last edited by
                      #12

                      Thunar is a much better alternative, in my opinion.

                      B D N B 4 Replies Last reply
                      0
                      • ? Guest

                        I just found this out recently. So this isn't actually Nautilus itself but it's the file previewer (Gnome Sushi) that comes with it. If you select a file and press the spacebar, it will automatically preview the file if it supported. If the file is an audio file, it will automatically fetch album art from the web, and if the file is an HTML file, it can make third-party requests. IMHO this is a huge privacy issue. For example if you were browsing the web using Tor Browser and saved a page to view offline, and then later accidentally opened it using the file previewer, it will make requests through the clearnet, exposing your IP.

                        This is an open issue and I don't expect it to be fixed anytime soon, so the easiest solution is to simply uninstall Gnome Sushi (on Fedora, it is the sushi package).

                        that_leaflet@lemmy.worldT This user is from outside of this forum
                        that_leaflet@lemmy.worldT This user is from outside of this forum
                        [email protected]
                        wrote on last edited by
                        #13

                        Good thing I use the Flatpak version, I’ll just remove the network permission.

                        1 Reply Last reply
                        0
                        • F [email protected]

                          While good for privacy, this sounds like an awful UX change for the average person. Some sort of nice toggle to disable it would be good, but removing it all together would probably annoy more people than it benefits.

                          T This user is from outside of this forum
                          T This user is from outside of this forum
                          [email protected]
                          wrote on last edited by
                          #14

                          Woah there! This is GNOME. You don't get choices.

                          R 1 Reply Last reply
                          0
                          • ? Guest

                            I just found this out recently. So this isn't actually Nautilus itself but it's the file previewer (Gnome Sushi) that comes with it. If you select a file and press the spacebar, it will automatically preview the file if it supported. If the file is an audio file, it will automatically fetch album art from the web, and if the file is an HTML file, it can make third-party requests. IMHO this is a huge privacy issue. For example if you were browsing the web using Tor Browser and saved a page to view offline, and then later accidentally opened it using the file previewer, it will make requests through the clearnet, exposing your IP.

                            This is an open issue and I don't expect it to be fixed anytime soon, so the easiest solution is to simply uninstall Gnome Sushi (on Fedora, it is the sushi package).

                            grrgyle@slrpnk.netG This user is from outside of this forum
                            grrgyle@slrpnk.netG This user is from outside of this forum
                            [email protected]
                            wrote on last edited by
                            #15

                            OpenSnitch, do your thing!

                            1 Reply Last reply
                            0
                            • ? Guest

                              They know what's good for the user, be greatful.

                              P This user is from outside of this forum
                              P This user is from outside of this forum
                              [email protected]
                              wrote on last edited by
                              #16

                              What's good to the user is what the user wants its device to do. Simple as.

                              1 Reply Last reply
                              0
                              • ferk@lemmy.mlF [email protected]

                                Thunar is a much better alternative, in my opinion.

                                B This user is from outside of this forum
                                B This user is from outside of this forum
                                [email protected]
                                wrote on last edited by
                                #17

                                Agreed. I fucking hate Nautilus - especially the way it fucking tries to filter everything instead of jumping me to where I'm typing. It makes navigation so much slower

                                R 1 Reply Last reply
                                0
                                • darklamer@lemmy.dbzer0.comD [email protected]

                                  Thanks for the tip! Despite never actually using sushi, I had it installed so now I've uninstalled it to avoid using it by accident.

                                  that_leaflet@lemmy.worldT This user is from outside of this forum
                                  that_leaflet@lemmy.worldT This user is from outside of this forum
                                  [email protected]
                                  wrote on last edited by
                                  #18

                                  It’s actually pretty nice in some situations.

                                  One thing that bites me about Loupe / Image Viewer is that it always goes through images in alphabetical order, despite the sort option you have set in nautilus.

                                  Sushi does go through items using the same sort option set in nautilus.

                                  Though it can be finicky with videos, so I don’t use it for that.

                                  1 Reply Last reply
                                  0
                                  • ? Guest

                                    I just found this out recently. So this isn't actually Nautilus itself but it's the file previewer (Gnome Sushi) that comes with it. If you select a file and press the spacebar, it will automatically preview the file if it supported. If the file is an audio file, it will automatically fetch album art from the web, and if the file is an HTML file, it can make third-party requests. IMHO this is a huge privacy issue. For example if you were browsing the web using Tor Browser and saved a page to view offline, and then later accidentally opened it using the file previewer, it will make requests through the clearnet, exposing your IP.

                                    This is an open issue and I don't expect it to be fixed anytime soon, so the easiest solution is to simply uninstall Gnome Sushi (on Fedora, it is the sushi package).

                                    E This user is from outside of this forum
                                    E This user is from outside of this forum
                                    [email protected]
                                    wrote on last edited by
                                    #19

                                    Still not worse than the simple act of having to use gnome for longer than it takes to install something, anything else

                                    1 Reply Last reply
                                    0
                                    • ? Guest

                                      I just found this out recently. So this isn't actually Nautilus itself but it's the file previewer (Gnome Sushi) that comes with it. If you select a file and press the spacebar, it will automatically preview the file if it supported. If the file is an audio file, it will automatically fetch album art from the web, and if the file is an HTML file, it can make third-party requests. IMHO this is a huge privacy issue. For example if you were browsing the web using Tor Browser and saved a page to view offline, and then later accidentally opened it using the file previewer, it will make requests through the clearnet, exposing your IP.

                                      This is an open issue and I don't expect it to be fixed anytime soon, so the easiest solution is to simply uninstall Gnome Sushi (on Fedora, it is the sushi package).

                                      M This user is from outside of this forum
                                      M This user is from outside of this forum
                                      [email protected]
                                      wrote on last edited by
                                      #20

                                      Use the image viewer used by TAILS

                                      1 Reply Last reply
                                      0
                                      • ? Guest

                                        They know what's good for the user, be greatful.

                                        cujo@sh.itjust.worksC This user is from outside of this forum
                                        cujo@sh.itjust.worksC This user is from outside of this forum
                                        [email protected]
                                        wrote on last edited by
                                        #21

                                        I have the sneaking suspicion this was supposed to be sarcastic, but the Internet doesn't carry "tone"... Am I correct? 😂

                                        1 Reply Last reply
                                        0
                                        • ferk@lemmy.mlF [email protected]

                                          Thunar is a much better alternative, in my opinion.

                                          D This user is from outside of this forum
                                          D This user is from outside of this forum
                                          [email protected]
                                          wrote on last edited by
                                          #22

                                          I always install thunar into my gnome.

                                          1 Reply Last reply
                                          0
                                          Reply
                                          • Reply as topic
                                          Log in to reply
                                          • Oldest to Newest
                                          • Newest to Oldest
                                          • Most Votes


                                          • Login

                                          • Login or register to search.
                                          • First post
                                            Last post
                                          0
                                          • Categories
                                          • Recent
                                          • Tags
                                          • Popular
                                          • World
                                          • Users
                                          • Groups