The plug-in sandbox is too weak to be robust, see the other thread about it. As long as it has access to HWNDs, it's very easy to break out of it.
On Wed, Jul 29, 2009 at 10:43 AM, Adam Barth <aba...@chromium.org> wrote: > > I wonder if we could use something like the plug-in sandbox for the > main browser process in the intermediate term. That way the browser > could still have HWNDs and the like. > > Adam > > > On Wed, Jul 29, 2009 at 9:44 AM, Linus Upson<li...@google.com> wrote: > > I realize this is not a small request, but it would be better if we could > > move to a model where the browser was sandboxed and talked to a much > simpler > > process to carry out trusted operations on its behalf. > > Linus > > > > On Wed, Jul 29, 2009 at 3:29 AM, Eric Roman <ero...@chromium.org> wrote: > >> > >> Here is a design document for http://crbug.com/11746 > >> > >> > >> > http://sites.google.com/a/chromium.org/dev/developers/design-documents/out-of-process-v8-pac > >> > >> Feedback welcome. > >> > >> > > > > > > > > > > > > > --~--~---------~--~----~------------~-------~--~----~ Chromium Developers mailing list: chromium-dev@googlegroups.com View archives, change email options, or unsubscribe: http://groups.google.com/group/chromium-dev -~----------~----~----~----~------~----~------~--~---
