Closed Bug 935890 Opened 11 years ago Closed 11 years ago

hacking session by copying mozilla directory

Categories

(Firefox :: Untriaged, defect)

25 Branch
x86
Linux
defect
Not set
normal

RESOLVED INVALID

People

(Reporter: zetrotrack000, Unassigned)

Details

User Agent: Mozilla/5.0 (X11; Ubuntu; Linux i686; rv:25.0) Gecko/20100101 Firefox/25.0 (Beta/Release)
Build ID: 20131028112629

Steps to reproduce:

On a Linux system, follow these steps:
1. Back up your ~/.mozilla directory.
2. Close your Firefox and remove your ~/.mozilla directory.
3. Log in to any computer (as admin) in your network, on which some user is running Firefox.
4. Copy its /home/<user>/.mozilla directory to your home folder with scp.
5. Run Firefox again.


Actual results:

1. Firefox may give you an error of crashing session.
2. Click restore session.
3. All the active tabs of the user (including logged-in sessions like Facebook etc.) will be opened in your computer's Firefox.
4. You can also now press Ctrl+Shift+T to restore all those tabs which that user has recently closed.
5. You can view his Facebook chats in real time.
6. You have access to all of his private data.


Expected results:

The ~/.mozilla directory should be encrypted in such a way that after copying that directory to any other computer, at least logged-in sessions should not work, like Facebook, email etc.
Severity: normal → major
If someone has physical access to your computer to be able to do this they can do much worse and still get the same data. As such this is not a security sensitive issue.
Group: core-security
Severity: major → normal
This means that the personal web accounts of limited users in a Linux network are not safe from root!
Nothing to fix here, same problem for hundreds of applications as soon as someone has physical access (or access through a network) to your machine to steal your private data. Many exploits in Windows work like that too.
Status: UNCONFIRMED → RESOLVED
Closed: 11 years ago
Resolution: --- → INVALID