Do not use BleachBit

This week we received two crash reports after a user tried BleachBit. Reason enough to write a word of warning about this application.

BleachBit invalidates shared memory included our shared data cashes. Any KDE application using will crash once the memory got invalidated. As to my knowledge Oxygen is a heavy user of the shared data cache any GUI application is affected.

If you think that you need to use BleachBit I recommend to read the wonderful article on lwn about it: BleachBit: Does GNU/Linux need the equivalent of a Windows registry cleaner? If you don’t know what it is, just forget about it, but warn anyone who you will see using it.

8 Replies to “Do not use BleachBit”

  1. According to the change log of bleachbit, the overwriting of files in /var/tmp/kde-* has long been disabled in bleachbit. But either people manually enable it (which only makes sense when KDE does NOT run), or the fix does not work correctly.

    1. yeah, I was quite surprised to see such crashes appear again. The issue had been gone some time ago, so I fear something changed in BleachBit.

      1. Since whitelisting some KDE files in /tmp a while ago, I am pretty sure there have been no changes in BleachBit with regards to cleaning /tmp. So I suggest maybe KDE has changed. If you can isolate a specific file (or pattern) that needs whitelisting, please file a bug report here https://bugs.launchpad.net/bleachbit

        1. Sorry, but I will never help applications which randomly delete and overwrite application files causing my application to crash and my users telling me I do a bad job about stability.

          Oh and it would just highlight how broken your software is, if we were not allowed to change anything because BleachBit would start to crash our applications once we introduce changes.

        2. WHITELISTING?
          is that a joke?

          check whether there’s an open file handle (you require root privs to guarantee that – x00 does not hold for root or kernel) -> IF NOT, then open the file -> delete it from filesystem -> override the inodes (if you seriously think you must)
          that order, not otherwise. and do not write random stuff into random files “because they’re not on your whitelist”. never! shm or not, besides a crash you may still corrupt user data and cause “random” bugs in random aplplications.

          That way bleachbit remains snake oil, maybe slows down things (hey, why does one cache after all?) but at least doesn’t act as malware (unless you oc. forgot to “whitelist” ~/docs/master-thesis/)

          whitelisting… – is it written in python then?

          1. for clarification (ok, got lost in my fury):
            right after deleting you ensure bleachbit is still the only process with an open filehandle on that file – otherwise don’t override it.

  2. Even if the user enables deleting under /var/tmp/kdecache-* while running KDE there would be no issue if the files were only removed. I don’t understand why BleachBit overwrites the file with random data before deleting the file.

Comments are closed.