News: 0000826623

  ARM Give a man a fire and he's warm for a day, but set fire to him and he's warm for the rest of his life (Terry Pratchett, Jingo)

Safely reviving shared memory (Mozilla Hacks)

([Development] Jul 21, 2020 17:03 UTC (Tue) (corbet))


The Mozilla Hacks blog [1]covers some recent Firefox changes that will allow code from web sites to use shared memory and high-resolution timers in a (hopefully) safe manner. " Together with others in the WHATWG community, we designed a set of headers that meet these requirements. The Cross-Origin-Opener-Policy header allows you to process-isolate yourself from attackers. It also has the desirable effect that attackers cannot have access to your global object if they were to open you in a popup. This prevents XS-Leaks and various navigation attacks. Adopt this header even if you have no intention of using shared memory! "



[1] https://hacks.mozilla.org/2020/07/safely-reviving-shared-memory/

Alan Cox <alan@lxorguk.ukuu.org.uk> wrote:
>
> Running with page aging convinces me that 2.2.19 we need to sort some
> of the vm issues out badly, and make it faster than 2.4test 8)

Ahh.. The challenge is out!

You and me. Mano a mano.

Linus