1. 5
  1. 2

    These kinds of bugs are terrifying. You’re one click away in a browser from getting your home directory curled to the malicious third party.

    It’d be great to have browsers use syscalls like pledge + limit the filesystem access to basically zero so RCE is not as disastrous. Unless something similar is already being done.

    1. 1

      Wouldn’t running the browser in something like bubblewrap prevent that?

      1. 1

        It depends! Most browsers already use sandbox primitives provided by the operating system. Layering this with another sandbox might provide a second layer of defense, but it’s also a known source of crashes. I know that Firefox is unstable and more crashy when using, e.g., Sandboxie under Windows.

      2. 1

        I don’t think that’s true. This is a memory-safety bug in the JavaScript component, which is usually within the sandbox. For home directory access, an attacker would have to find another bug, a sandbox bypass. These are generally harder to find and exploit.