0·
16 days agoThis behavior is expected.
On a multi-user system, this is not a problem, because other users (except root) are not allowed to list directories within your home directory.
For processes that run on your system, this is the same: Usually, only your own processes are allowed to list your files. Then, they can also read your browsing history and all kind of personal files. So, you should not run processes that you don’t trust in respecting your privacy.
And for all site visits that you don’t want to leave traces on your hard drive, you use the private browsing mode. (Keep in mind, that you still leave traces for persons that can read the traffic - even if the traffic is encrypted.)
I forgot to mention:
If you want/need to restrict processes that you run, you can, for example, use AppArmor or SELinux to restrict paths that they are allowed to access.
Or you use containers (Podman, Docker) to run low-privileged containers without access to your home directory.