hacking session by copying mozilla directory

RESOLVED INVALID

Status

()

Firefox
Untriaged
RESOLVED INVALID
5 years ago
5 years ago

People

(Reporter: Zetro Track, Unassigned)

Tracking

25 Branch
x86
Linux
Points:
---

Firefox Tracking Flags

(Not tracked)

Details

(Reporter)

Description

5 years ago
User Agent: Mozilla/5.0 (X11; Ubuntu; Linux i686; rv:25.0) Gecko/20100101 Firefox/25.0 (Beta/Release)
Build ID: 20131028112629

Steps to reproduce:

On a Linux system, follow these steps:
1. Backup your ~/.mozilla directory
2. Close your firefox and remove your ~/.mozilla directory
3. Login to any computer (as admin) in your network, on which some user is running firefox.
4. copy its /home/<user>/.mozilla  directory to your home folder with scp.
5. Run firefox again.


Actual results:

1. Firefox may give you an error of crashing session.
2. Click restore session.
3. All the active tab of the user (including logged-in sessions like facebook etc.) will be opened in your computer's firefox.
4. You can also now presst Ctrl+Shift+T to restore all those tabs which that user has recently closed.
5. You can view this facebook chats in real time.
6. You have access to all of his private data.


Expected results:

The ~/.mozilla directory should be encrypted in such a way that after copying that directory to any other computer, at least logged-in sessions should not work, like facebook, email etc.
(Reporter)

Updated

5 years ago
Severity: normal → major
If someone has physical access to your computer to be able to do this they can do much worse and still get the same data. As such this is not a security sensitive issue.
Group: core-security
Severity: major → normal
(Reporter)

Comment 2

5 years ago
This means that the personal web accounts of limited users in a linux network is not safe from root!

Comment 3

5 years ago
Nothing to fix here, same problem for hundreds of applications as soon as someone has a physical access (or through a newtork) to your machine to steal your private data. Many exploits in Windows work like that too.
Status: UNCONFIRMED → RESOLVED
Last Resolved: 5 years ago
Resolution: --- → INVALID
You need to log in before you can comment on or make changes to this bug.