Apache OpenOffice (AOO) Bugzilla – Issue 65770
It is dangerous to share NSS configuration and data with other application
Last modified: 2006-06-07 15:38:44 UTC
OOo seems to share NSS configuration and data with mozilla. It is not safe because the NSS stuff does not support the file locking or a transaction method. The current situation would cause data loss when two application access the same files (key3.db, cert8.db, ...) OOo should provide its own configuration and store the data in extra forder.
Malte, can you comment on this?
IMHO shouldn't be a problem, because we don't write to NSS config...
OK, I'll try to speak for NSS (while I'm not a core developer there). So you don't get data corruption if you just read from the NSS database but there is still the issue that you share your NSS configuration (such as trusted root CA certificates) with another application (as it seems .thunderbird or whatelse you use if available). That's not intended since noone would expect to manage certificates e.g. in Thunderbird to be effective in OOo. That sounds a little bit strange to me.
We plan to force the user to choose which mozilla profile to use, instead of silently searching one. Then everything should be OK. For sure we do not plan to implement our own certificate management, bad enough that there is no personal global key store on Linux/Solaris, like on Windows... JL is working on this...
. *** This issue has been marked as a duplicate of 63114 ***
.