PSM:MozAppsWithSharedNSSDB
Introduction
Planning document for the NSS shared database feature in all Mozilla applications. The work is to be done in module PSM (core code).
Firefox et al. use NSS for crypto operations (SSL, etc.). Each Mozilla application profile directory contains several NSS database files which contain personal certificates, the key to encrypt remembered passwords, trust information for certificate authorities, information about installed external crypto hardware (e.g. smartcards), etc.
As of today, all the above must be managed for each application and profile separately. It's desirable to share this information across multiple applications and profiles. By default, this storage shall be user specific across all NSS based applications. This page is about the required changes to Mozilla/PSM in order to make this sharing happen.
Decisions to be made
On Linux, Mac OSX and other unix platforms: $HOME/.nssdb/
(However, on some SuSE Linux systems the shared database feature has already been enabled for applications, and the default path used is: $HOME/.local/var/pki/nssdb/ )
On Windows: %APPDATA%\NSS\
On Mac OSX: $HOME/Library/Application Support/NSS/
Disadvantage of using a default path
Usually the path to Mozilla profile files contains a random component, a salt. For example, on Linux systems the path is ~/.mozilla/firefox/xxxxxxxx.default/ where xxxxxxxx is a random value.
The use of the salt makes it harder for malicious web sites to use potential application exploits to steal a user's files, because the salt is unknown to the attacker.
When switching to a user specific default path that shall work with any NSS based application, it seems necessary to stop using a salt component.
As a consequence the path to a user's default certificate database files will be known.
Despite the advantages of having a global NSS database, an advanced user might deliberately want to use a different database, e.g. when performing tests or when acting with a different identity.
Proposal:
By default, all Mozilla applications shall use the user-wide NSS default database.
An advanced user who desires to use a different secondary database shall set an environment variable to override the default behavior.
Proposal: Use environment variable NSS_SHARED_DB_PATH
(This proposal is derived from SuSE Linux, which has already introduced this variable.)
No recording of path information in Mozilla profiles
Proposal: There shall be NO link from application profile configuration files to a shared database location. By default the user-wide path will be used, and having the environment variable specified at process start will always override this path.
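The lookup order proposed above (environment variable first, then the user-wide default, never a value stored in a profile), as an added example that is not PSM or NSS code. The function name, the platform labels, the mac_uses_library flag that selects between the two Mac OSX candidates listed on this page, and the treatment of an empty variable as unset are assumptions of this example.

```python
import ntpath
import posixpath

ENV_OVERRIDE = "NSS_SHARED_DB_PATH"  # variable name proposed on this page


def resolve_shared_nssdb(platform, env, mac_uses_library=False):
    """Return (directory, source) for the shared NSS database.

    platform: "linux", "unix", "mac" or "windows" (labels chosen for this example).
    env: mapping of the environment as captured at process start.
    Nothing is read from an application profile: the only inputs are the
    environment and the platform, matching the "no link from profiles" proposal.
    """
    override = env.get(ENV_OVERRIDE, "")
    if override.strip():
        # Assumption: a variable that is set but empty counts as not set.
        return override, "environment"

    if platform == "windows":
        base = env.get("APPDATA")
        if not base:
            raise LookupError("APPDATA is not set, no default location")
        return ntpath.join(base, "NSS") + "\\", "default"

    if platform not in ("linux", "unix", "mac"):
        raise ValueError("unknown platform label: %r" % platform)
    home = env.get("HOME")
    if not home:
        raise LookupError("HOME is not set, no default location")
    if platform == "mac" and mac_uses_library:
        # Second Mac OSX candidate listed under "Decisions to be made".
        return posixpath.join(home, "Library", "Application Support", "NSS") + "/", "default"
    return posixpath.join(home, ".nssdb") + "/", "default"


if __name__ == "__main__":
    # Constructed sample environments, not taken from a real system.
    samples = [
        ("linux", {"HOME": "/home/alice"}),
        ("linux", {"HOME": "/home/alice", ENV_OVERRIDE: "/home/alice/testdb"}),
        ("windows", {"APPDATA": "C:\\Users\\alice\\AppData\\Roaming"}),
    ]
    for plat, env in samples:
        print(plat, resolve_shared_nssdb(plat, env))
```

The default results contain no random component, which is the predictable-path trade-off described under "Disadvantage of using a default path".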