Bagus Mahawan wrote:
> And one last question:
> Is it possible for an attacker to read key3.db and cert7.db? I would be
> happy if there are any docs explaining the format of those *.db files (to see
> if they can be read easily by an attacker or not).
If an attacker can read files on a user's drive, then we have already
lost and there is no sense in trying to protect individual files. In
NS6, at least, I have worked very hard to keep an attacker from being
able to access a user's files. The major mechanisms are these: 1) a
website cannot load or link to a file on the user's drive, and 2) the
user's profile directory, which contains the cert db files, has a
randomized, unguessable directory name in its path, so unless an
attacker can list the contents of directories on the user's drive, they
won't be able to find the cert db files or anything else in the Mozilla
profile directory.
Local files are safe turf. Whether they can be "read easily" by an
attacker is the wrong question - an attacker shouldn't even be able to
get to these files or know where they are located.
-Mitch