Necko: Sandboxing TCP/UDP socket in a separate process
Jump to navigation
Jump to search
Objectives
Move all the network and socket operations to an isolated process.
Goals
- For security
- Sandboxing network access into a separate process, preventing chrome process from opening socket
- Preventing protocol security hole to be used to control the entire browser
- For stability
- Allow recovering network layer without rebooting firefox, if crash/assertion is detected in the socket process
- For performance
- No major regression found for start-up performance and network throughput