In the Embedder's Guide 
<https://github.com/v8/v8/wiki/Embedder's-Guide#contexts>, Contexts are 
described as allowing "separate, unrelated, JavaScript applications to run 
in a single instance of V8".  Also, the section on Security Model 
<https://github.com/v8/v8/wiki/Embedder's-Guide#security-model> says that 
"In V8 an 'origin' is defined as a context." However, I'm pretty sure that 
Chrome uses separate Isolates within separate processes to isolate 
different browser tabs.

My questions are about running untrusted JavaScript code, and the 
appropriate use of Isolates and Contexts, with respect to security and 
isolation of separate, unrelated JavaScript.
- What safeties are in place that prevent JavaScript from breaking out of a 
Context?
- What safeties are in place that prevent JavaScript from breaking out of 
an Isolate?
- From a security perspective, is there a benefit to using separate 
Isolates within a single OS process, or would separate Contexts be just as 
good? I'm aware that Isolates don't support concurrent, multithreaded 
access.

I expect that sandboxing separate OS processes for unrelated, untrusted 
JavaScript files/applications is the most secure solution, but I'm trying 
to figure out how much better that is than multiple Contexts or Isolates 
within a single process.

Thanks,
Chris
