Tor browser writes SiteSecurityServiceState.txt with usage history
Tor browser (hardened-6.0a4) writes a file called SiteSecurityServiceState.txt that has a list of sites I've visited. E.g. it has "en.wikipedia.org" and that definitely wasn't there after I first ran TB. It didn't appear right away when I visited Wikipedia but eventually made it to disk (maybe it writes every few minutes or just at shutdown).
I have all history disabled in privacy prefs (except cookies but they're only till shutdown according to the dropdown). I expect TB will not write history without consent, and I did not approve or even get a warning about this file. I don't even see an obscure option (about:config) to disable it. I guess I'll try symlinking /dev/null, and otherwise write some $LD_PRELOAD to fail the open().
I understand there are security benefits but unless the user has enabled some form of history I don't think it's acceptable. You could ship a default file with popular sites preloaded.