Quote:
Originally Posted by rnturn
I was recently running a long script that was collecting information about the files in my (rather large) home directory tree. It worked by making an initial list of directories and then examining the files in each directory. Recently it crashed with an error message telling me that "~/.config/chromium/SafetyTips/2493" was the problem. When I look in that tree now, there is a different numbered subdirectory. I cannot recall whether I'd started a new or killed off an existing Chromium session. I'm figuring that this subdirectory is created anew each time Chromium is launched. Since I've restarted that script, for now, I'll avoid launching new Chromium instances while the script is running. (Like the old joke: "Doc... it hurts when I do this...")
Since it looks like that directory can have subdirectories that can disappear, I've put a sticky note on my monitor to remind me to tweak the script to either verify that each subdirectory still exists when it's time for its contents to be examined to avoid running into this error or (probably the better idea) filter out "~/.config/*" from the directory list altogether.
So, finally:
Q: Does anyone know exactly what the "SafetyTips" directory and its contents are all about?
The Google is not returning anything which doesn't surprise me all that much as I suspect the purpose of that directory and its contents aren't something that anyone who's not a Chromium developer is likely to care about and is discussed on a development forum somewhere. I'm still curious, though.)
Anyways... TIA for any information readers may have.
|
Well I can't tell you definitively but I can make some decently educated guesses. I first thought the # would be the process ID, but it doesn't seem to be.
Inside each #'d folder is a manifest JSON which details the "SafetyTips" information (it's like a packing invoice). The "version" field of that matches the folder name. So that # represents a version...of something. My guess is it's the version of the following image. It also has a reference to a squashfs (think of it like a compressed ISO) image called "image.squash", which doesn't actually exist in the directory, so I'm not sure what's in it.
Lastly, there's a safety_tips.pb file. Now PB is usually a protobuf file but those I believe are full binary, where this isn't, it has mostly ASCII in it with some non-printable characters. So the file may be an old Corel Word Perfect format - IDK what that format looks like so I can't confirm or deny this. But the contents are telling either way:
This file has a bunch of URL's in it, which I can't really make heads or tails of, but the first one is this: https :// badssl. com/test/safety-tips/
Now badssl is a test website used to validate browsers' reactions to bad security configs. That is to say the Google engineers likely make use of this when validating that improper SSL configurations are handled correctly. So what are the other ones? Well if I had to guess I'd say they're sites that you've encountered (or maybe this file was distributed as-is by Google) which have known bad SSL or TLS security configurations and therefore are known to be problematic. When you go to one of these websites next to the URL at the top of your screen you get the "Not Secure" warning. So my guess is that it's a cache of insecure domains. My guess is this is either distributed by Google preloaded with insecure domains or your browser collects insecure domains here - possibly even updates some Google server with a list or something for book keeping.
So that's the general idea. It still leaves the question of what exists in the mysterious image.squash image. Not sure since it's not there, perhaps that's how the contents of this folder were distributed to the browser from Google & it was deleted after extracting? Not sure what that's about. Maybe just legacy.
So yeah, sorry not the rock solid answer you were probably looking for, but that's the general gist of it anyway. Hope this helps tell ya a bit about what you were interested in.
I have this feeling you know some of this already and are concerned about the sketchiness of some of the addresses in there. I wouldn't worry too much, if that's the case. Worst case it's sent to Google as anonymized data. It likely has little/no impact either way.
)
