From 6c7c9aa226b57baf3d375457c041c69234936867 Mon Sep 17 00:00:00 2001
From: "Michael J. Chudobiak" <mjc@avtechpulse.com>
Date: Fri, 11 May 2012 09:37:24 -0400
Subject: [PATCH] do not save failed thumbnails for unreadable images

---
 thumbnail/thumbnail-spec.sgml |   10 ++++++++--
 1 files changed, 8 insertions(+), 2 deletions(-)

diff --git a/thumbnail/thumbnail-spec.sgml b/thumbnail/thumbnail-spec.sgml
index cb539b6..b9c8411 100644
--- a/thumbnail/thumbnail-spec.sgml
+++ b/thumbnail/thumbnail-spec.sgml
@@ -455,7 +455,13 @@
     in the thumbnail directories should have set their permissions to 600. This
     way we assure that if a user creates a thumbnail for a file where only he
     has read-permissions no other user can take a glance on it through the
-    backdoor with the thumbnails.</para> 
+    backdoor with the thumbnails.</para>
+
+    <para>Programs should first check to ensure that the original image file is
+    readable. If it is not, the program should not attempt to read a thumbnail
+    from the cache, and it should not save any information in the cache
+    (including "failed" thumbnails). Otherwise, thumbnailing will be prevented
+    even if the permissions are changed to permit reading.</para>
     </sect2>
 
     <sect2><title>Concurrent Thumbnail Creation</title> <para>An important goal
@@ -597,7 +603,7 @@ if (file.mtime != thumb.MTime) {
        with the name of the program appended by the version number
        (eg. <prompt>~/.thumbnails/fail/nautilus-1.0</prompt>).</para>
 
-    <para> For every thumbnail generation failure the program creates an empty
+    <para> For every thumbnail generation failure of a readable image the program creates an empty
        PNG file. If it's possible to obtain some additional information from
        the image (see <link linkend="addinfos">Store Additional
        Information</link>) they should be stored together with the thumbnail
-- 
1.7.7.6