No. This article describes an attack where the user has already gained access to the encrypted database, which assumes they have already subverted 2FA.
Not really, the databases are designed to be effectively public information. The security comes from the encryption, not OS-level file permission controls!
Doesn't this hark back to "If the attacker has local access, it's already game over"?