Client cache control for securityprivacy - sqlite readable?

Think CEF could benefit from a new feature or capability? Discuss CEF feature requests here.

Client cache control for securityprivacy - sqlite readable?

Postby HarmlessDave » Thu Jan 22, 2015 3:32 pm

Hi,

The sqlite files used by CEF/chrome can be read with a DB browser, and answer #2 in this StackOverflow post seems to say that for Windows the encryption used for some values can be cracked by another program on the same PC: http://stackoverflow.com/questions/2253 ... -in-chrome

In other words, someone could run a program on the dbs in the cache folder and extract at least cookies, maybe more.

Privacy: person A could snoop on person B's activities using a cache folder reading app.

Security: This is our use case. We need to prevent users from spoofing our application (by reading cookies) and from doing a view source of some HTML pages on servers that we do not control. We also don't want them to be able to "see" some URLs by inspecting the history.

A post last year by someone else asked about disabling caching, but they never gave you a reason why and the thread went without an answer to how to accomplish it: viewtopic.php?f=6&t=11661

So, is there any way to disable caching in the client, as opposed to on the server? The only cache mentions I see in the sample client are ways to have the request ignore existing cache entries, and the setting for the cache folder which (when left empty) still creates the cache folder in the user's temp folder.
HarmlessDave
Expert
 
Posts: 370
Joined: Fri Jul 11, 2014 2:02 pm

Re: Client cache control for securityprivacy - sqlite readab

Postby magreenblatt » Tue Jan 27, 2015 2:38 pm

You could create an in-memory disk using an external tool or OS function and use that as your cache directory. Or, if you want persistent storage, create and use an encrypted virtual disk.
magreenblatt
Site Admin
 
Posts: 12382
Joined: Fri May 29, 2009 6:57 pm

Re: Client cache control for securityprivacy - sqlite readab

Postby PolesApart » Fri Feb 13, 2015 7:50 am

Are there hooks in CEF/chromium for doing that inside the application? Because AFAIK windows doesn't have private namespaces for disk I/O, so if you use something as you propose, the only thing preventing a malicious user/application to seeing the encrypted disk contents would be user permissions, which is not something normally dependable as the unencrypted data is normally accessible when the system is on and you already have same user permissions (normal scenario), versus i.e. a transitory in-memory key asked when the application opens and (realistically) encrypted data on disk. Otherwise the user/hacker/malware would have to mess with application internals and/or work for stealing the key, which sometimes is better security (it's usually very vulnerable to social engineering, but that's something else).
PolesApart
Mentor
 
Posts: 73
Joined: Fri Dec 05, 2014 1:24 pm

Re: Client cache control for securityprivacy - sqlite readab

Postby magreenblatt » Fri Feb 13, 2015 11:30 am

Data is by necessity unencrypted in memory. If someone/something already has access to the running system outside of the browser (or some other) sandbox then there's really nothing that you can do at that point to protect your data. I believe this is a pretty well accepted security principal.
magreenblatt
Site Admin
 
Posts: 12382
Joined: Fri May 29, 2009 6:57 pm


Return to Feature Request Forum

Who is online

Users browsing this forum: No registered users and 13 guests