[snap] cannot use shared NSS db

Bug #1859643 reported by Olivier Tilloy on 2020-01-14
20
This bug affects 3 people
Affects Status Importance Assigned to Milestone
chromium-browser (Ubuntu)
Medium
Olivier Tilloy

Bug Description

(initially reported at https://askubuntu.com/questions/1202861/chromium-does-not-show-certificates-from-pki-nssdb)

Chromium can theoretically use the shared NSS db at ~/.pki/nssdb, but the snap confinement prevents it from actually using the shared db (it reads and writes to $SNAP/.pki/nssdb instead).

Shared certificates can be inspected by browsing to chrome://settings/certificates.

Really accessing the shared db would require an additional read/write personal-files plug on $HOME/.pki/nssdb, and patching GetDefaultConfigDirectory() in crypto/nss_util.cc.

To post a comment you must log in.
This report contains Public information  Edit
Everyone can see this information.

Other bug subscribers