44r0n7/privacy.sexy
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

win, mac, linux: add privacy.sexy cleanup scripts

Browse Source 
Introduce scripts across Windows, macOS and Linux to allow privacy.sexy
users to erase their script usage traces, improving privacy protection.

Key changes:

- Add category to clear privacy.sexy data.
- Add scripts for deleting privacy.sexy's script execution history and
  activity logs.

Supporting changes:

- Update documentation to highlight the new capability for users to
  clear privacy.sexy-generated data.
- Add shared functions for directory cleanup for Linux and macOS.
- Add code annotations to hint unified approach across all supported
  operating systems.
This commit is contained in:
undergroundwires
2024-02-12 13:05:01 +01:00
parent 55fa7eae71
commit 63366a4ec2
5 changed files with 267 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
SECURITY.md
View File

@@ -37,6 +37,7 @@ privacy.sexy adopts a defense in depth strategy to protect users on multiple lay
- **Auditing and Transparency:**
The desktop application improves security and transparency by logging application activities and retaining files of executed scripts
This facilitates detailed auditability and effective troubleshooting, contributing to the integrity and reliability of the application.
Recognizing that some users prefer not to keep these records, privacy.sexy provides specialized scripts for deletion of these logs.
- **Privilege Management:**
The desktop application operates without persistent administrative or `sudo` privileges, reinforcing its security posture. It requests
elevation of privileges for system modifications with explicit user consent and logs every action taken with high privileges. This
@@ -45,6 +46,7 @@ privacy.sexy adopts a defense in depth strategy to protect users on multiple lay
Before executing any script, the desktop application stores a copy to allow antivirus software to perform scans. This safeguards against
any unwanted modifications. Furthermore, the application incorporates integrity checks for tamper protection. If the script file differs from
the user's selected script, the application will not execute or save the script, ensuring the processing of authentic scripts.
Recognizing that some users prefer not to keep these records, privacy.sexy provides specialized scripts for deletion of these scripts.
### Update Security and Integrity

4
docs/desktop-vs-web-features.md
View File

@@ -51,6 +51,8 @@ Log file locations vary by operating system:
- Linux: `$HOME/.config/privacy.sexy/logs`
- Windows: `%APPDATA%\privacy.sexy\logs`
> 💡 privacy.sexy provides scripts to securely erase these logs.
### Script execution
The desktop version of privacy.sexy enables direct script execution, providing a seamless and integrated experience.
@@ -65,6 +67,8 @@ These locations vary based on the operating system:
- Linux: `$HOME/.config/privacy.sexy/runs`
- Windows: `%APPDATA%\privacy.sexy\runs`
> 💡 privacy.sexy provides scripts to securely erase your script execution history.
### Error handling
The desktop version of privacy.sexy features advanced error handling capabilities.

89
src/application/collections/linux.yaml
View File

@@ -166,6 +166,69 @@ actions:
Third-party applications are not typically distributed as part of the operating system and are
installed separately.
children:
-
category: Clear privacy.sexy data
# Marked: refactor-with-variables, refactor-with-partials
# - Documentation is same across macOS, Linux and Windows, this should be shared and not duplicated.
docs: |-
This category offers scripts to remove data left by the privacy.sexy desktop application,
helping you ensure your privacy by eliminating all traces of use.
The web application version of privacy.sexy does not create or store user data on your device [1],
so this category is applicable to desktop application users only.
These scripts are designed for anyone wanting to ensure their script activities leave no trace on their systems.
> **Caution**:
> Deleting this data might affect security [2] and troubleshooting [1]:
> - Logs are valuable for diagnosing issues and understanding past actions [1].
> - Script files can help review changes made to the system and aid in reverting those changes if needed.
[1]: https://github.com/undergroundwires/privacy.sexy/blob/master/docs/desktop-vs-web-features.md "Desktop vs. Web Features | privacy.sexy | github.com"
[2]: https://github.com/undergroundwires/privacy.sexy/blob/master/SECURITY.md "SECURITY.md | privacy.sexy | github.com"
children:
-
name: Clear privacy.sexy script history
docs: |-
This script removes script files generated by the privacy.sexy desktop application.
The desktop version executes scripts directly on your device [1], saving a script file for execution [1],
troubleshooting [1], and security [2].
By running this script, you remove the executed script files, enhancing your privacy by ensuring that there is no
residual data that could reveal your usage patterns or preferences.
> **Caution**:
> - This action is irreversible. Deleted script files cannot be retrieved.
> - These files might be necessary for troubleshooting if you experience issues after using privacy.sexy scripts.
[1]: https://github.com/undergroundwires/privacy.sexy/blob/master/docs/desktop-vs-web-features.md "Desktop vs. Web Features | privacy.sexy | github.com"
[2]: https://github.com/undergroundwires/privacy.sexy/blob/master/SECURITY.md "SECURITY.md | privacy.sexy | github.com"
call:
function: ClearDirectoryContents
parameters:
directoryGlob: "$HOME/.config/privacy.sexy/runs"
-
name: Clear privacy.sexy activity logs
docs: |-
This script removes log files generated by the privacy.sexy desktop application.
Different from the web version, the desktop application records logs for troubleshooting [1].
Additionally, these logs offer auditing and transparency for security [2].
Deleting these logs can help maintain your privacy by ensuring there are no records of the application's activities
on your system.
> **Caution**:
> - Removing logs will prevent you from reviewing the application's activities, which could be helpful in diagnosing issues.
> - Logs can contain valuable information for technical support should you need assistance.
[1]: https://github.com/undergroundwires/privacy.sexy/blob/master/docs/desktop-vs-web-features.md "Desktop vs. Web Features | privacy.sexy | github.com"
[2]: https://github.com/undergroundwires/privacy.sexy/blob/master/SECURITY.md "SECURITY.md | privacy.sexy | github.com"
call:
function: ClearDirectoryContents
parameters:
directoryGlob: "$HOME/.config/privacy.sexy/logs"
-
name: Clear Steam cache
docs: |-
@@ -3233,6 +3296,8 @@ actions:
functions:
-
name: RunInlineCode
# Marked: refactor-with-partials
# Same function in macOS, Linux, Windows
parameters:
- name: code
- name: revertCode
@@ -3493,6 +3558,8 @@ functions:
# 💡 Purpose:
# Adds a comment in the executed code for better readability and debugging.
# This function does not affect the execution flow but helps in understanding the purpose of subsequent code.
# Marked: refactor-with-partials
# Same function as macOS
parameters:
- name: codeComment
optional: true
@@ -3904,3 +3971,25 @@ functions:
sudo mv "$file.backup" "$file"
echo "Successfully restored from backup: $file"
fi
-
name: ClearDirectoryContents
# 💡 Purpose:
# Empties the contents of a directory recursively (including all of its files and subfolders) while preserving
# the directory itself.
# Marked: refactor-with-partials
# Same function as macOS
parameters:
- name: directoryGlob
- name: grantPermissions
optional: true
call:
-
function: Comment
parameters:
codeComment: 'Clear directory contents: "{{ $directoryGlob }}"'
-
function: RunInlineCode
parameters:
code: |-
glob_pattern="{{ $directoryGlob }}/*"
{{ with $grantPermissions }}sudo {{ end }}rm -rfv $glob_pattern

107
src/application/collections/macos.yaml
View File

@@ -282,6 +282,69 @@ actions:
-
category: Clear third-party application data
children:
-
category: Clear privacy.sexy data
# Marked: refactor-with-variables, refactor-with-partials
# - Documentation is same across macOS, Linux and Windows, this should be shared and not duplicated.
docs: |-
This category offers scripts to remove data left by the privacy.sexy desktop application,
helping you ensure your privacy by eliminating all traces of use.
The web application version of privacy.sexy does not create or store user data on your device [1],
so this category is applicable to desktop application users only.
These scripts are designed for anyone wanting to ensure their script activities leave no trace on their systems.
> **Caution**:
> Deleting this data might affect security [2] and troubleshooting [1]:
> - Logs are valuable for diagnosing issues and understanding past actions [1].
> - Script files can help review changes made to the system and aid in reverting those changes if needed.
[1]: https://github.com/undergroundwires/privacy.sexy/blob/master/docs/desktop-vs-web-features.md "Desktop vs. Web Features | privacy.sexy | github.com"
[2]: https://github.com/undergroundwires/privacy.sexy/blob/master/SECURITY.md "SECURITY.md | privacy.sexy | github.com"
children:
-
name: Clear privacy.sexy script history
docs: |-
This script removes script files generated by the privacy.sexy desktop application.
The desktop version executes scripts directly on your device [1], saving a script file for execution [1],
troubleshooting [1], and security [2].
By running this script, you remove the executed script files, enhancing your privacy by ensuring that there is no
residual data that could reveal your usage patterns or preferences.
> **Caution**:
> - This action is irreversible. Deleted script files cannot be retrieved.
> - These files might be necessary for troubleshooting if you experience issues after using privacy.sexy scripts.
[1]: https://github.com/undergroundwires/privacy.sexy/blob/master/docs/desktop-vs-web-features.md "Desktop vs. Web Features | privacy.sexy | github.com"
[2]: https://github.com/undergroundwires/privacy.sexy/blob/master/SECURITY.md "SECURITY.md | privacy.sexy | github.com"
call:
function: ClearDirectoryContents
parameters:
directoryGlob: "$HOME/Library/Application Support/privacy.sexy/runs"
-
name: Clear privacy.sexy activity logs
docs: |-
This script removes log files generated by the privacy.sexy desktop application.
Different from the web version, the desktop application records logs for troubleshooting [1].
Additionally, these logs offer auditing and transparency for security [2].
Deleting these logs can help maintain your privacy by ensuring there are no records of the application's activities
on your system.
> **Caution**:
> - Removing logs will prevent you from reviewing the application's activities, which could be helpful in diagnosing issues.
> - Logs can contain valuable information for technical support should you need assistance.
[1]: https://github.com/undergroundwires/privacy.sexy/blob/master/docs/desktop-vs-web-features.md "Desktop vs. Web Features | privacy.sexy | github.com"
[2]: https://github.com/undergroundwires/privacy.sexy/blob/master/SECURITY.md "SECURITY.md | privacy.sexy | github.com"
call:
function: ClearDirectoryContents
parameters:
directoryGlob: "$HOME/Library/Logs/privacy.sexy"
-
name: Clear Adobe cache
recommend: standard
@@ -1558,3 +1621,47 @@ functions:
echo "Output from \`tccutil\`: $reset_output."
fi
fi
-
name: RunInlineCode
# Marked: refactor-with-partials
# Same function in macOS, Linux, Windows
parameters:
- name: code
- name: revertCode
optional: true
code: '{{ $code }}'
revertCode: '{{ with $revertCode }}{{ . }}{{ end }}'
-
name: Comment
# 💡 Purpose:
# Adds a comment in the executed code for better readability and debugging.
# This function does not affect the execution flow but helps in understanding the purpose of subsequent code.
# Marked: refactor-with-partials
# Same function as Linux
parameters:
- name: codeComment
optional: true
- name: revertCodeComment
optional: true
call:
function: RunInlineCode
parameters:
code: '{{ with $codeComment }}# {{ . }}{{ end }}'
revertCode: '{{ with $revertCodeComment }}# {{ . }}{{ end }}'
-
name: ClearDirectoryContents
parameters:
- name: directoryGlob
- name: grantPermissions
optional: true
call:
-
function: Comment
parameters:
codeComment: 'Clear directory contents: "{{ $directoryGlob }}"'
-
function: RunInlineCode
parameters:
code: |-
glob_pattern="{{ $directoryGlob }}/*"
{{ with $grantPermissions }}sudo {{ end }}rm -rfv $glob_pattern

65
src/application/collections/windows.yaml
View File

@@ -194,6 +194,69 @@ actions:
-
category: Clear third-party application data
children:
-
category: Clear privacy.sexy data
# Marked: refactor-with-variables, refactor-with-partials
# - Documentation is same across macOS, Linux and Windows, this should be shared and not duplicated.
docs: |-
This category offers scripts to remove data left by the privacy.sexy desktop application,
helping you ensure your privacy by eliminating all traces of use.
The web application version of privacy.sexy does not create or store user data on your device [1],
so this category is applicable to desktop application users only.
These scripts are designed for anyone wanting to ensure their script activities leave no trace on their systems.
> **Caution**:
> Deleting this data might affect security [2] and troubleshooting [1]:
> - Logs are valuable for diagnosing issues and understanding past actions [1].
> - Script files can help review changes made to the system and aid in reverting those changes if needed.
[1]: https://github.com/undergroundwires/privacy.sexy/blob/master/docs/desktop-vs-web-features.md "Desktop vs. Web Features | privacy.sexy | github.com"
[2]: https://github.com/undergroundwires/privacy.sexy/blob/master/SECURITY.md "SECURITY.md | privacy.sexy | github.com"
children:
-
name: Clear privacy.sexy script history
docs: |-
This script removes script files generated by the privacy.sexy desktop application.
The desktop version executes scripts directly on your device [1], saving a script file for execution [1],
troubleshooting [1], and security [2].
By running this script, you remove the executed script files, enhancing your privacy by ensuring that there is no
residual data that could reveal your usage patterns or preferences.
> **Caution**:
> - This action is irreversible. Deleted script files cannot be retrieved.
> - These files might be necessary for troubleshooting if you experience issues after using privacy.sexy scripts.
[1]: https://github.com/undergroundwires/privacy.sexy/blob/master/docs/desktop-vs-web-features.md "Desktop vs. Web Features | privacy.sexy | github.com"
[2]: https://github.com/undergroundwires/privacy.sexy/blob/master/SECURITY.md "SECURITY.md | privacy.sexy | github.com"
call:
function: ClearDirectoryContents
parameters:
directoryGlob: '%APPDATA%\privacy.sexy\runs'
-
name: Clear privacy.sexy activity logs
docs: |-
This script removes log files generated by the privacy.sexy desktop application.
Different from the web version, the desktop application records logs for troubleshooting [1].
Additionally, these logs offer auditing and transparency for security [2].
Deleting these logs can help maintain your privacy by ensuring there are no records of the application's activities
on your system.
> **Caution**:
> - Removing logs will prevent you from reviewing the application's activities, which could be helpful in diagnosing issues.
> - Logs can contain valuable information for technical support should you need assistance.
[1]: https://github.com/undergroundwires/privacy.sexy/blob/master/docs/desktop-vs-web-features.md "Desktop vs. Web Features | privacy.sexy | github.com"
[2]: https://github.com/undergroundwires/privacy.sexy/blob/master/SECURITY.md "SECURITY.md | privacy.sexy | github.com"
call:
function: ClearDirectoryContents
parameters:
directoryGlob: '%APPDATA%\privacy.sexy\logs'
-
name: Clear Listary search index
call:
@@ -15632,6 +15695,8 @@ functions:
defaultStartupMode: '{{ $defaultStartupMode }}'
-
name: RunInlineCode
# Marked: refactor-with-partials
# Same function in macOS, Linux, Windows
parameters:
- name: code
optional: true