Security/Sandbox/Process model: Difference between revisions

Jump to navigation Jump to search

Security/Sandbox/Process model (view source)

Revision as of 04:29, 14 November 2018

851 bytes removed ,  14 November 2018
→‎GPU Process
(→‎Future Process Types: update file process notes)
Line 52: Line 52:


=== GPU Process ===
=== GPU Process ===
There is currently an ongoing project in the graphics team to move the compositor from the parent process to a separate process (roughly FF53). Currently child processes allocate shared memory for texture data, write to it, and then pass it to the compositor in the Chrome process via IPC. In the new compositor model, the compositor doesn’t need to manage shared memory, but it would be able to keep track of allocations per process and kill child processes using too much memory. In general moving this code will not have a material impact on security posture:
Todo.
* The child process will still require access to the GPU
Not sandboxed currently
* On Windows, window handles (HWND) are expected to no longer be required in the child process
Only present on windows, but will likely be added to OSx and linux with Web Render.
* On Linux, the GPU process will be a significant improvement since the X11 connection will be handled by the GPU process (instead of the child)
* The GPU process is not currently planned to be sandboxed, however this might be a future improvement


=== WebExtension Process ===
=== WebExtension Process ===
See https://bugzilla.mozilla.org/show_bug.cgi?id=1320395
See https://bugzilla.mozilla.org/show_bug.cgi?id=1320395
Ptheriault
canmove, Confirmed users
1,220

edits

Retrieved from "https://wiki.allizom.org/Special:MobileDiff/1203905"

Navigation menu