Comment 11 for bug 288236

>+ var dbConnection = cps.DBConnection;
>+
>+ try {
>+ dbConnection.beginTransaction();
>+ // Group records are the ones that contain hostnames, but we must
>+ // remove pref records as well, since they depend on group records.
>+ dbConnection.executeSimpleSQL("DELETE FROM prefs WHERE groupID IS NOT NULL");
>+ dbConnection.executeSimpleSQL("DELETE FROM groups");
>+ dbConnection.commitTransaction();
>+ }
>+ catch(e) {
>+ dbConnection.rollbackTransaction();
>+ throw e;
>+ }

I still think this code should be in the service so that sanitize.js doesn't need to know about the database - compare and contrast with other services

cacheService.evictEntries(...)
cookieMgr.removeAll()
globalHistory.removeAllPages();
...