On 16 Feb 2020, at 8:02pm, Stefan Brüns <stefan.bru...@rwth-aachen.de> wrote:
> Will this stop anyone from just copying the DB without the -wal file? > Afterwards, the DB can be read, as there is no longer any associated log. The purpose of the locking is to prevent changes being made to the database during a browser session. The problem does not occur if changes are made between sessions. Having a third-party app read the database could be considered a vulnerability (a question for the Mozilla developer team, not me), but it is not related to this specific problem. > One use case I am aware of (although this targets places.sqlite, not > cookies.sqlite) is reading the history, bookmarks and tags. These things can be done using the bookmarks API, WebExtensions API, and other methods. Reading the SQLite database is actually more difficult. _______________________________________________ sqlite-users mailing list sqlite-users@mailinglists.sqlite.org http://mailinglists.sqlite.org/cgi-bin/mailman/listinfo/sqlite-users