logoalt Hacker News

yjftsjthsd-hyesterday at 10:42 PM3 repliesview on HN

In mean... It kinda feels like this is legitimately true? An attacker trying to do anything on a user's machine through this would have to find a Firefox vulnerability and a vulnerability in the wasm runtime, which is such a high bar that I would actually feel remarkably safe running this thing. The only question is how performance works and whether there are any pain points using as a daily driver, but those feel likely to be a pretty minor point. Oh, and the usual caveat that an attacker can still compromise things inside the sandbox which does leave a certain amount of exposure (but if you run different things in different instances they're isolated).


Replies

rlmineing_deadyesterday at 11:03 PM

This is true but also this is probably also only half true. Sandboxing is not a fully solved issue since this 100% degrades firefox sandboxing since fission cant run and its running in singleprocess mode. Just wanted to be honest about this

coolelectronicstoday at 2:18 AM

Unless you're running every origin in a different instance, I wouldn't use this as a daily driver, since a site would only need to find a renderer vuln to be able to read the rest of your cookies as multiprocess isolation is disabled here

Retr0idtoday at 1:05 AM

Assuming you're running Firefox as the outer browser too, in theory it only needs a single bug in the wasm runtime, plus a sandbox escape.