Browsing the net for one thing unexpectedly brought me to two good and useful documents:
(1) Guide to the Secure Configuration of Red Hat Enterprise Linux 5 http://www.nsa.gov/ia/_files/os/redhat/rhel5-guide-i731.pdf Revision 4.1 February 28, 2011
(2) Hardening Red Hat Enterprise Linux 5 http://people.redhat.com/sgrubb/files/hardening-rhel5.pdf Updated 12 August 2010
The GNOME thumbnail system is mentioned in (1) as dangerous. As many CentOS/Red Hat installations use it, here is a brief extract from page 30.
2.2.2.6 Disable All GNOME Thumbnailers if Possible
The system’s default desktop environment, GNOME, uses a number of different thumbnailer programs to generate thumbnails for any new or modified content in an opened folder.
Execute the following command to prevent the thumbnailers from automatically creating thumbnails for new or modified folder contents:
    gconftool-2 --direct \
      --config-source xml:readwrite:/etc/gconf/gconf.xml.mandatory \
      --type bool \
      --set /desktop/gnome/thumbnailers/disable_all true
This effectively prevents an attacker from gaining access to a system through a flaw in GNOME’s Nautilus thumbnail creators.
------
I hate the thumbnailers, particularly as I have over 12,000 photographs on one machine and thousands more to be added. Eye of GNOME just ignores the 'thumbnail' off setting in GNOME.
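
A way to audit that the mandatory key from the extract is actually in place, as an added example that is not part of the original post or of the NSA guide. It assumes the GConf xml backend stores the key as an `<entry>` element in `desktop/gnome/thumbnailers/%gconf.xml` under the mandatory source; the function names and the sample file are constructed for illustration.

```shell
#!/bin/sh
# Added example: audit the mandatory GConf key written by the gconftool-2 command.
# Assumption: the xml backend keeps the key as an <entry .../> element in
# <source>/desktop/gnome/thumbnailers/%gconf.xml (per-directory layout).
KEY_DIR='desktop/gnome/thumbnailers'
KEY_NAME='disable_all'

# Print "true", "false" or "unset" for the key in the GConf XML source "$1".
thumbnailer_state() {
    file="$1/$KEY_DIR/%gconf.xml"
    [ -r "$file" ] || { echo unset; return 0; }
    # Flatten the file, split it into one element per line, keep the key's entry.
    entry=$(tr '\n' ' ' < "$file" | tr '>' '\n' |
            grep "<entry[[:space:]].*name=\"$KEY_NAME\"" | head -n 1)
    case "$entry" in
        *'value="true"'*)  echo true ;;
        *'value="false"'*) echo false ;;
        *)                 echo unset ;;
    esac
}

# Return 0 only when thumbnailers are disabled in the mandatory source "$1".
audit_thumbnailers() {
    src="${1:-/etc/gconf/gconf.xml.mandatory}"
    state=$(thumbnailer_state "$src")
    echo "$src: /$KEY_DIR/$KEY_NAME is $state"
    [ "$state" = true ]
}

# Build a constructed sample source in directory "$1" with the bool value "$2".
make_sample_source() {
    mkdir -p "$1/$KEY_DIR"
    cat > "$1/$KEY_DIR/%gconf.xml" <<EOF
<?xml version="1.0"?>
<gconf>
        <entry name="disable_all" mtime="1300000000" type="bool" value="$2"/>
</gconf>
EOF
}

# Demo on constructed data; on a real host call audit_thumbnailers with no argument.
demo_dir=$(mktemp -d)
make_sample_source "$demo_dir" true
audit_thumbnailers "$demo_dir"
rm -rf "$demo_dir"
```

A missing file or missing entry is reported as "unset", which the audit treats as a failure just like an explicit "false".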