After searching for a bit on the forum I did not find this bug mentioned anywhere. My apologies if it has already been reported.
Every time fSekrit.exe (v1.40) is executed and the file is protected by a password, a temporary 'fSekrit-xxxx.exe' file is created, where 'xxxx' is (as far as I can tell) a random hexadecimal number. For example in the Windows 7 Professional 64 bit edition where I tested it, that temporary file is created here:
This temporary file is removed when you close the program. So far, so good.
However, on execution, if instead of entering the password at the 'Please enter passphrase' screen you decide not to continue and click the 'Cancel' button or simple close the dialog on the 'X', that temporary file is not deleted. This also occurs if you are using the nifty trick of having an empty file named 'fSekrit.portable' in the same directory as the 'fSekrit.exe' executable. Since the temporary file has a random name, a new random file will be added every time you cancel, to the ones already there. If you want to get rid of them you have to delete them yourself.
Now, I must point out that as far as I can tell this does not pose a security threat as the temporary files do not contain any data. I believe that one could even create a batch file that automatically searches and deletes these files automatically before executing fSekrit. I am just pointing the bug out in case the programmer decides to clean it in a future release.
fSekrit version 1.40
Bug tested and detected on:
- Windows 7 Professional, 64 bit
- Windows Server 2003 SBS SP2, 32 bit
- Windows XP Professional SP3, 32 bit