Firefox3.1/JS Tracing Security Review: Difference between revisions

== Review comments ==
* nanoJIT needs a separate security review (probably code-level review)
** out of memory conditions in particular
* GC has been largely disconnected from tracing: if GC happens while we're recording we keep recording (so nothing is interrupted when it's not expecting it) but we throw away the trace.
* main attack would be getting us to generate dangerous code.