Is it possible that, over time, this will change as Firefox's parallelism is written more in a language that is less subject to these vulnerabilities in the first place?
-
-
It does, because
serde for IPC. One of the Pwnium vulns involved RCE via exploiting Chrome’s handwritten IPC code for out of process GPU. -
Does the way that threads isolate memory in Rust make transitioning things out of process more straight forward?
-
If your architecture is written in Rust, sure. That was how I got Servo to be multiprocess in the first place. (Not as applicable to Gecko)
-
We found this to be somewhat true when we migrated a lot of
@skylight into a daemon. I wonder whether some abstractions could be written to enable this more (like https://ruby-doc.org/stdlib-2.4.0/libdoc/drb/rdoc/DRb.html … for Ruby)
End of conversation
New conversation -
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.