1. 25

  2. 4

    Since people have been arguing about security around Workers a lot (since it trusts V8 primitives for isolation), I’m curious if it being open is going to lead to people finding new issues there. They do state that production has additional security (see quote below), but I’d guess they can’t protect against the main criticism of mixing customers in the same process?

    > The Cloudflare Workers service uses the same code found in workerd, but adds many additional layers of security on top to harden against such bugs. I described some of these in a past blog post. However, these measures are closely tied to our particular environment. For example, we rely on build automation to push V8 patches to production immediately upon becoming available; we separate customers according to risk profile; we rely on non-portable kernel features and assumptions about the host system to enforce security and resource limits. All of this is very specific to our environment, and cannot be packaged up in a reusable way.

      1. 2

        Built on top of KJ! KJ is a little-known foundational C++ library that is small, readable, and packs a lot of features. The code base is a great resource for learning modern C++.