Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

I just checked out Servo, and like all browsers it has a VERY large footprint of dependencies (notably GStreamer/GOject, libpng/jpeg, PCRE). Considering browsers have quite the decent process isolation (the whole browser process vs heavily sandboxed renderer processes), I wonder how tangible the Rust advantage turns out to be.


Browsers have had sandboxing for well over a decade, and the 3-4 catastrophic vulnerabilities per year happen in spite of that.

And most of them are in the browser code itself, not in dependencies. By far the biggest offender tends to be the JavaScript engine.


Are you sure?

I just looked at the top CVEs for chrome in 2025. There are 5 which allow excaping the sandbox, and the top ones seem to be V8 bugs where the JIT is coaxed into generating exploitable code. One seems to be a genuine use-after-free.

So I can echo what you wrote about the JS engine being most exploitable, but how is Rust supposed to help with generating memory-safe JITed code?


Like this: https://github.com/nbp/holyjit




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: