I have a user vbezhenar. I run the browser under that user. I have system storage for sensitive data. Its data is available only via an API which checks permissions. E.g. only Chrome can access its data.
Chrome must be able to read its cookies, so the cookies file must be readable/writable for user vbezhenar. And there is a high chance that I'll run a malware program under this user vbezhenar too, so it can read the cookies file, but it won't be able to access the encryption password.