Is this behavior expected? I would imagine it would be a privacy violation in a multi-user system. I thought they had some sort of encryption for hiding the sites that I visit.
BTW, FF does not do this on private mode. But still it is concerning, that any program can know about the sites I visit just by looking at ~/.mozilla/profile/storage/default.
The tilde (~) means that path is located in the per-user home directory. The default behaviour is for user home directories to be only accessible by that specific user.
The encryption you’re referring to is likely specific to Firefox Sync (i.e. syncing your FF settings, history, etc. across devices). Sync is end-to-end encrypted. But I’m not surprised that it’s unencrypted on disk.
But wouldn’t it be better if they chose to obfuscate it. Are there any inherent disadvantage in doing so?
Generally, no. If a person has access to your home folder, it doesn’t matter if site-data is site-data or some UUID, the person can still look around and find that data. How to do so would be on the internet, in the source code for Firefox.
Firefox simplifies its engineering efforts and makes site-data clearly visible to the proper user by relying on the system’s security measures instead of inventing its own bespoke ones.
This behavior is expected.
On a multi-user system, this is not a problem, because other users (except root) are not allowed to list directories within your home directory.
For processes that run on your system, this is the same: Usually, only your own processes are allowed to list your files. Then, they can also read your browsing history and all kind of personal files. So, you should not run processes that you don’t trust in respecting your privacy.
And for all site visits that you don’t want to leave traces on your hard drive, you use the private browsing mode. (Keep in mind, that you still leave traces for persons that can read the traffic - even if the traffic is encrypted.)
I forgot to mention:
If you want/need to restrict processes that you run, you can, for example, use AppArmor or SELinux to restrict paths that they are allowed to access.
Or you use containers (Podman, Docker) to run low-privileged containers without access to your home directory.
If you are worried about other users on your machine then you can verify/update your umask so others can’t access your files.
If you are worried about programs under same user then you need to use AppArmor and or firejail heck you can even go crazy and use SELinux.
If you are concerned about a program you installed spying on you, then why do you use that program? If it can access a personal directory in Mozilla, what does it stop from accessing all the other files on your system?
