clear/delete all RequestPolicy data when uninstalled #227

Open
jsamuel opened this Issue Dec 22, 2011 · 0 comments

Projects

None yet

1 participant

@jsamuel
Member
jsamuel commented Dec 22, 2011
imported trac ticket
created: 2011-04-25 14:16:04
reporter: justin

When !RequestPolicy is uninstalled, it leaves behind the user's whitelist in the browser configuration. I think the correct default behavior is to instead remove all traces of RP that we can remove.

This would mean that if the user expected this data to remain after uninstall, restart, and install again, their custom whitelist would be permanently lost. Though this is unfortunate if the user didn't expect to lose their whitelist, it seems dangerous to leave the data behind as other users will reasonably assume that this data was removed. The potential impact of assuming the data is deleted is worse than assuming it isn't. If a user had whitelisted sites that they no longer wanted others to be able to determine they had visited (e.g. the user had specifically cleared all browser history, cookies, cache, etc. at some point after uninstalling RP), then the fact that RP didn't delete this data may put the user at risk if others obtain access to their computer. The risk of this unexpected data remaining is too great to justify the potential usability benefit of leaving behind the whitelist after uninstall.

Note that starting with RP 0.6, we'll need to delete the "requestpolicy" directory from the user profile directory, as well.

@msxfm msxfm referenced this issue in RequestPolicyContinued/requestpolicy Jul 7, 2014
Open

clear/delete all RequestPolicy data when uninstalled #227

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment