Cookies need to be encrypted when stored on disk
Categories
(Core :: Networking: Cookies, enhancement, P3)
Tracking
()
People
(Reporter: webmaster, Unassigned)
References
(Depends on 2 open bugs)
Details
(Keywords: sec-want, Whiteboard: [necko-triaged])
Comment 1•25 years ago
|
||
Reporter | ||
Comment 2•25 years ago
|
||
Comment 3•25 years ago
|
||
Reporter | ||
Comment 4•25 years ago
|
||
Comment 5•25 years ago
|
||
Comment 6•25 years ago
|
||
Comment 7•25 years ago
|
||
Comment 8•24 years ago
|
||
Comment 9•20 years ago
|
||
Comment 10•5 years ago
|
||
Here is how I got here today, 16 years since the last comment (Firefox 76, macOS 10.15 Catalina).
-
Used Firefox as my primary browser for years, thinking that my data was protected from other running apps
-
Downloaded Yandex Browser (via
brew cask install yandex
) just to test if one Chrome extension works in it or not -
Opened Yandex Browser. Saw:
- no prompts from FF
- a keychain prompt about Chrome storage, which I rejected
Yandex Browser featured: - all my currently open FF tabs (OK)
- all my FF history (meh, but maybe OK)
- active logged in sessions into gmail, github, facebook, twitter and so on (W T F ?!)
So what happened was that some macOS app I just downloaded sniffed the Firefox DB and could successfully read all my browsing data! That's pretty shocking to say the least!
I’m a web developer who actively uses yarn and npm each data. Ths means that I routinely download thousands of third-party packages and it's just a matter of time when a just-published malicious package will be able to read stuff from my disk. This won’t do harm to apps relying on the macOS keychain and even my ssh keys will be safe, thanks to the master passwords. However, the unencrypted FireFox DB will be a trivial target for hackers – this case with Yandex Browser demonstrates that there are no barriers opening it!
I'm not an expert in desktop app development, but I'm pretty sure that macOS is capable of making the data secure. It must be a matter of some negotiation between a signed app and the OS, all happening without any user involvement.
Is keeping a sqlite file with some extremely sensitive data still acceptable in 2020?
Comment 11•5 years ago
|
||
You most likely want bug 1562324 which wasn't possible (supported by OSes) when this bug was WONTFIXed. It is now (that's what's behind that keychain prompt you got for Chrome) and using it is what bug 1562324 is about.
Comment 19•1 year ago
|
||
bug 19184 is a more general "encrypt everything" bug but cookies are worth considering separately. Moving some dupes from that one to here.
bug 1889150 is another potential technology that this could be built on once it's done. details are sparse though. bug 1562324 might still be the best bet.
Updated•1 year ago
|
Updated•1 year ago
|
Updated•1 year ago
|
Comment 23•1 year ago
|
||
I am not putting this on our priority backlog as we have pending dependent bugs.
But we should put this on our roadmap once we have the required code support available to implement this.
Ed, FYI.
Updated•1 year ago
|
Description
•