Confirmed users
214
edits
Media/WebRTC/WebRTCE10S: Difference between revisions
→ICE In Parent
| Line 103: | Line 103: | ||
==== ICE In Parent ==== | ==== ICE In Parent ==== | ||
The alternative design is to push the entire ICE stack into the parent process, as shown | |||
below. | |||
https://raw.github.com/mozilla/webrtc/master/planning/network-e10s-ice-parent.png | https://raw.github.com/mozilla/webrtc/master/planning/network-e10s-ice-parent.png | ||
The advantage of this design from a security perspective is that by pushing the | |||
connectivity checking into the parent process we completely remove the | |||
ability of a compromised content process to send arbitrary network | |||
traffic. | |||
The two major drawbacks of this design are: | |||
* The interface to the ICE stack is very complicated, which makes the | |||
engineering task harder. | |||
* The ICE stack itself is also complicated, which increases the surface area | |||
in the "secure" parent process. | |||
The ICE stack interface is found at: | |||
* http://hg.mozilla.org/mozilla-central/file/b553e9ca2354/media/mtransport/nricectx.h | |||
* http://hg.mozilla.org/mozilla-central/file/b553e9ca2354/media/mtransport/nricemediastream.h | |||