Login/Register
How does Opera copy Chrome cookies
Asked Answered
Solved google-chromesecuritycookiesopera
A

1

8

I've installed Opera in my PC just to do some web development tests. Before installing, we are asked if we want to copy some stuff (Cookies, history, passwords, etc) from the default browser (which is Chrome in my machine).

I didn't change anything and after the installation Opera was launched. I got scared, amazed and a mix of emotions filled my body when I saw that the system that I'm developing had my user logged in. So I decided to see if other websites had this same behavior.

For my surprise, Facebook, Gmail, Github, all sites were with my user logged in.

Isn't it a huge security flaw?

How does Opera copy it? Because the copy itself should not keep the users logged.

By the way, which is the advantage of copying cookies? I just can see it as a security failure.

Antitoxic answered 28/9, 2016 at 13:57 Comment(7)
A cookie is just a key-value pair, a login cookie just contains a hash of your login token. Browsers have to store this information somewhere and it's generally a file in your user folder. If you use windows that location is generally c:\users\<yourUsername>\AppData\Local\Google\Chrome\UserData\Default. This post has more information: #31022264Rail
OK! I know what is a cookie and how Chrome works with Cookies, but my problem is with the copy made by Opera. Opera got the cookies from Chrome and all of those sites were with my user logged in. This is a problem, because the login token should be invalidated as I'm accessing a site from another browser. Looking from this point (login cookie = hash of login token) and knowing that Opera copies it normally, I can understand that copying cookies from another user will let me access everything of that person. I think this kind of thinking will take us to CSRF attacks.Antitoxic
You have to be logged onto the same machine to copy a cookie from another user. Generally you cannot access the users directory for others unless you have admin rights. If your system is properly setup that should not be an issue.Rail
token isn't locked to a browser as there isn't browser specific information for themRail
opera uses the same engine as chrome. this makes it very easy for them to provide this feature. They also asked you if they should import the stuff. From my point of view this is just a good feature.Residuum
Is there a possibility to disable such behavior?Indicatory
@VictorLeal, I've got same mixed feelings. Found your post on SO after I asked a similar question on SU. Then my move was to delete the question and report it as a sec issue to Chromium. Now they've dismissed it as a known "outside Chrome's threat model" issue. I kinda understand this but I still wish they'd handle the local profile data with a better protection.Borghese
D
3

If you install software on your computer, the installer/installed software can read other files installed on your computer. Chrome stores history, cookies, etc as files on your computer.

Note that mobile operating systems like Android behave differently.

Isn't it a huge security flaw?

No. It just means that software you have authorized to run on your behalf can read files you own. If you don't want it to read files, don't install it, or install it as another user.

which is the advantage of copying cookies?

It lets you keep your logins to Facebook, or say remember your preferred language or other settings on web sites.

Because the copy itself should not keep the users logged

Authentication cookies should be session cookies, i.e. not stored to disk. It is more likely that you copied your "remember me" cookies to Opera, and it used that to login instead.

Delinquent answered 28/9, 2016 at 16:28 Comment(1)
It's very different than that. I never logged in into facebook in my chrome, but password is saved in chrome. Still opera directly logs in into facebook, directly. How come this happen? Isn't it a security flaw. Is there any such consent seeking statement?Geologize

© 2022 - 2024 — McMap. All rights reserved.