Closed Bug 57303 Opened 24 years ago Closed 24 years ago

removing db's screws up encrypted SDR data.

Categories

(Core Graveyard :: Security: UI, defect, P3)

1.0 Branch
defect

Tracking

(Not tracked)

VERIFIED INVALID

People

(Reporter: nitinp, Assigned: ddrinan0264)

Details

-have the latest netscape6 build. -Create a new profile. -Enable SDR from Edit|Preferences|Advanced|passwords. -Set your db Password. -Visit some webmail. -Save the data. -view the data. verify it is encrypted. -exit netscape6. -rename the cert7.db, key3.db, secmod.db so that you can restore to the old state. -restart netscape6. -try to view the data - "nothing happens" - I will expect the window to come up blank. -go back to the webmail that you had gone before. The data is not recovered , which would be the right behavior. -Now set a new db password and do some SDR thingy. Try to view the saved data. The window does not come up. If you go back to the site or page , the data will be pasted on the form indicating that the information was saved. So the bug is - if you delete the db's of a profile with an encrypted SDR information , you cannot view any SDR information in the future for that profile. You will have to delete the profile and start over.
adding keyword rtm
Keywords: rtm
I would suggest that this bug be marked invalid. There is nothing in the UI to delete only your cert DB, and no instructions for the user to do so. The Profile Manager deletes the whole profile, not just parts of it.
I agree that this should be invalid, but for other reasons. There is a command to allow you to remove the encrypted database (it's under the tasks->privacy->password-manager menu). That command allows you to delete all even if you don't know the password. The command was included specifically for users who forgot their password and therefore needed to reset the database but didn't want to delete the rest of the profile. And this same command could be used in this case as well.
Invalid. Reopen if you disagree.
Status: NEW → RESOLVED
Closed: 24 years ago
Resolution: --- → INVALID
Verified invalid.
Status: RESOLVED → VERIFIED
Mass changing Security:Crypto to PSM
Component: Security: Crypto → Client Library
Product: Browser → PSM
Version: other → 2.1
Mass changing Security:Crypto to PSM
Product: PSM → Core
Version: psm2.1 → 1.0 Branch
Product: Core → Core Graveyard
You need to log in before you can comment on or make changes to this bug.