Hello,
is it possible with D+ to prevent certain files from being read by programs not specially allowed to do so?
For example I use the Firefox password manager (without a master password) and I don’t want any other program, beside FF, so allow file access.
If this isn’t possible, will this feature be implemented some day?
Thanks
What type of file is password manager? An executable or a data file or a different type of file?
If speaking of the same think, FF password manager is not a file, but the feature allowing FF to store passwords (altough one should never do that).
In FF 3.5 and 3.6, the storage of the passwords is made of 2 files: key3.db and signons.sqlite.
The first one is the key database for your passwords, the second one has the passwords themselves.
As it name tells, it i a sqlite database, and thus not easy to read if you don’t have a sqlite reader, it is not a very common situation.
It can be read from notepad only for “generic” lines of code like:
a[!Cindexmoz_logins_hostname_formSubmitURL_indexmoz_loginsCREATE INDEX moz_logins_hostname_formSubmitURL_index ON moz_logins(hostname, formSubmitURL)na?! indexmoz_logins_hostname_indexmoz_loginsCREATE
but the passwords are unreadable themselves because crypted.
Moreover, these files lie under your FF default profile (“random.characters”.default) making it nearly impossible to access from an itself random web request.
One cannot forbid the use of these folder and files as they need to be written and read by FF.
If passwords are actually activated within FF, i know of no way to keep a local user to read them, excepting of course enforcing administrative privileges and FF master password.
Another way, if using NTFS, is to set specific user permissions to the profile FF folder.