Backup database exposing protected notes

[laraconda]

trafficstars

Trilium Version

0.60.4

What operating system are you using?

Linux

What is your setup?

Local (no sync)

Operating System Version

5.10.0-25-amd64

Description

I can read my protected notes by opening backup-now.db. The notes were originally created as unprotected, then, after protecting them, the db file still exposes most of the text content of the notes. The file backup-now.db is being updated, I am not looking at an old version.

The notes are not exposed fully but large chunks are readable (as in whole paragraphs).

I am running trilium on flatpak on Debian 11. Build revision: 5905950c17791ce0eb278e010c2c8b3450fdb447

Error logs

No response

[sigaloid]

This is expected behavior - exporting the tree when the protected session is open, will export those in plain text (otherwise they cannot be opened at all - exporting cannot contain encrypted notes AFAIK)

[laraconda]

Even if the protected session is closed the content gets exposed.

[sigaloid]

I expect this is a caching issue - if you enter a protected session, leave, then restart the app, it may fix the problem. I'm not exactly sure though.

[laraconda]

I expect this is a caching issue - if you enter a protected session, leave, then restart the app, it may fix the problem. I'm not exactly sure though.

Let me try. No, still there. I closed the app, opened it again (with the session always closed), created the backup and it still contains the text.

[zadam]

@laraconda Hello, this might be fixed by VACUUMing:

SQLite can keep remnants of old information in unused blocks, this can be cleaned up with a VACUUM. It's an expensive process on large databases, so it's not done automatically