Charlie Zender wrote:
>
> I tried this but it did not work.
> First, I found my prefs.js in
>
> ~/.mozilla/zender/a4lk0swo.slt/prefs.js
>
> It contains a warning that it is a generated file.
> Sure enough, when I quit and restart mozilla, the changes
> I made manually are no longer there. What's the trick to
> making changes manually so they stick?
Quit mozilla, THEN make the changes, and then restart mozilla. Moz
writes that file from its own settings when you quit, but it will
preserve any changes that were there when mozilla was first run.
> P.S. Why are my personal mozilla files in such a strange directory?
> On another machine where I have mozilla installed, the personal files
> are in
>
> ~/.mozilla/mozProfile
>
> which seems to make much more sense.
It's a security measure. I'm guessing that your other machine had its
profile first created by an earlier version of mozilla, which didn't
have this measure.
The reason for it is that there have been many exploits in the past (for
4.x versions of Netscape, and I think also for some versions of mozilla)
which, although the actual bug causing the security hole was somewhere
else, would not have been possible if the attacker hadn't been able to
guess the name of the profile directory. By using a randomized string of
characters, an extra layer of security is provided: Even if the attacker
can exploit a security hole elsewhere in mozilla, they can't easily
access your profile directory because they don't know its name.
Of course, in an ideal world there would be no holes elsewhere in
mozilla, and this measure wouldn't be necessary. The randomized
directories are a recognition of the fact that there's no such thing as
an ideal world and we can never be *certain* that there are no security
holes in mozilla.
Stuart.
