Re: FF vs. Chrome/Chromium

2017-09-29 Thread Stuart Henderson
On 2017-09-28, Boudewijn Dijkstra wrote: > Op Wed, 27 Sep 2017 16:44:01 +0200 schreef Theo de Raadt >: >>> Firefox has W^X compliance and so runs with the secure defaults. >> >> it uses page aliasing, which is a shitty way of being

Re: FF vs. Chrome/Chromium

2017-09-28 Thread Boudewijn Dijkstra
Op Wed, 27 Sep 2017 16:44:01 +0200 schreef Theo de Raadt : Firefox has W^X compliance and so runs with the secure defaults. it uses page aliasing, which is a shitty way of being compliant Do you mean dual-mapping a.k.a. double-mapping? I found some old patches using

Re: FF vs. Chrome/Chromium

2017-09-28 Thread Artur Pedziwilk
> On 27 Sep 2017, at 16:44, Theo de Raadt wrote: > > you really shouldn't be promising that to anyone. it might not happen, > their design might not allow it. > > pledge in giant programs is very rare. chrome got LUCKY, and there is > no evidence that firefox will also.

Re: FF vs. Chrome/Chromium

2017-09-27 Thread Theo de Raadt
> Firefox has W^X compliance and so runs with the secure defaults. it uses page aliasing, which is a shitty way of being compliant > The latest Firefox (Not ESR as mtier provides) has recently had > sandboxing for Windows and Linux added and legacy extensions will be > phased out. > > It is

Re: FF vs. Chrome/Chromium

2017-09-27 Thread Kevin Chadwick
On Wed, 27 Sep 2017 14:49:19 +0200 > Hi there! > > Last night I enjoyed reading through the different presentation > slides from EuroBSDcon 2017. > > Relating to Theo's presentation on 'Pledge and > Privsep' (https://www.openbsd.org/papers/eurobsdcon2017-pledge.pdf) > he states that firefox

FF vs. Chrome/Chromium

2017-09-27 Thread Stefan Wollny
Hi there! Last night I enjoyed reading through the different presentation slides from EuroBSDcon 2017. Relating to Theo's presentation on 'Pledge and Privsep' (https://www.openbsd.org/papers/eurobsdcon2017-pledge.pdf) he states that firefox cannot be pledged while "chrome was strongly pledged