Is it possible that, over time, this will change as Firefox's parallelism is written more in a language that is less subject to these vulnerabilities in the first place?
Does the way that threads isolate memory in Rust make transitioning things out of process more straight forward?
-
-
If your architecture is written in Rust, sure. That was how I got Servo to be multiprocess in the first place. (Not as applicable to Gecko)
-
We found this to be somewhat true when we migrated a lot of
@skylight into a daemon. I wonder whether some abstractions could be written to enable this more (like https://ruby-doc.org/stdlib-2.4.0/libdoc/drb/rdoc/DRb.html … for Ruby)
End of conversation
New conversation -
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.
serde for IPC. One of the Pwnium vulns involved RCE via exploiting Chrome’s handwritten IPC code for out of process GPU.