wiki.mozilla.org/Mobile/GeckoVi
> Self-Contained: Because GeckoView is a standalone library that you bundle with your application, you can be confident that the code you test is the code that will actually run.
Targeting a specific release of a browser engine is a serious anti-feature.
Conversation
The status quo is targeting a stable API without being able to depend on a specific version, since it receives automatic updates. Encouraging applications to bundle their own web rendering engine specifically so they can delay updating it is serious step backwards for security.
1
1
3
Not to mention to severe loss of security going from a well sandboxed rendering engine like the standard WebView to a browser engine with no sandbox implementation for the platform. The 3rd point on that list is simply dishonest, which is typical of how Mozilla presents Firefox.
1
1
2
This Tweet was deleted by the Tweet author. Learn more
Replying to
There's a standard isolatedProcess sandbox which is the semantic layer of the Chromium sandbox. They could be using that, if they were inclined to truly care about security rather than just the perception of it. I do think they plan to use it but it's clearly not a high priority.
Replying to
Chromium implements an additional layer of sandboxing via a custom seccomp-bpf filter primarily for kernel attack surface reduction on top of the semantic sandbox provided by the OS. The baseline sandbox is a good starting point though, and it's incredibly easy to use it too.