The V8 Sandbox (v8.dev)
from tedu@inks.tedunangst.com to inks@inks.tedunangst.com on 04 Apr 2024 23:37
https://inks.tedunangst.com/l/5100

After almost three years since the initial design document and hundreds of CLs in the meantime, the V8 Sandbox — a lightweight, in-process sandbox for V8 — has now progressed to the point where it is no longer considered an experimental security feature. Starting today, the V8 Sandbox is included in Chrome’s Vulnerability Reward Program (VRP). While there are still a number of issues to resolve before it becomes a strong security boundary, the VRP inclusion is an important step in that direction. Chrome 123 could therefore be considered to be a sort of “beta” release for the sandbox. This blog post uses this opportunity to discuss the motivation behind the sandbox, show how it prevents memory corruption in V8 from spreading within the host process, and ultimately explain why it is a necessary step towards memory safety.

#browser #javascript #jit #programming #security
