Hacker News new | ask | show | jobs
by mikeecb 3291 days ago
One of the reasons the Chrome browser uses one process per tab is so that memory between web-pages is isolated. By doing this, an attacker in control of a renderer process cannot read data from another renderer process (web-page).

It seems like Firefox has made a security / memory tradeoff here since renderer processes can render multiple (4 by default) web-pages at a time.
4 comments
teraflop 3291 days ago
Chrome doesn't strictly follow the one-process-per-tab rule either. If you browse for a while with a bunch of tabs open, and then check Chrome's Task Manager, you'll see that it's quite common for a single process to render tabs from multiple different domains.
link
thnhtnhnhn 3291 days ago
Correction: Firefox doesn't use n content processes which render 4 tabs each. By default, it uses 4 content processes which share the task of rendering your n tabs. (AFAIK, at creation time, each tab is assigned one of those rendering processes.)
link
chimeracoder 3291 days ago
> One of the reasons the Chrome browser uses one process per tab

Chrome does not use a process per tab. It uses a process per domain (mostly), unless you middle click a link in which case it always shares the same process as the original tab.

link
bzbarsky 3291 days ago
> It uses a process per domain (mostly)

No, that's not quite right. What they do really is closer to proces-per-tab (with some complications around cross-site navigation) unless you have more than some number of tabs, in which case they will just have them share processes. See https://www.chromium.org/developers/design-documents/process... and note that the default is to put multiple "independent" instances of the same site in different processes, even though they're same-domain. What you're describing is the non-default "Process-per-site" model.

> unless you middle click a link in which case it always shares the same process as the original tab

I believe they changed that behavior starting with Chrome 60. See https://codereview.chromium.org/2680353005/ which talks about ctrl-click, but I would assume (watch me turn out to be wrong!) that middle-click takes the same codepath.

link
mikeecb 3291 days ago
They've made efforts to make it more isolated though [1]. It seems like Firefox isn't going in this direction.

[1]: https://www.chromium.org/developers/design-documents/site-is...

link
oblio 3291 days ago
https://news.ycombinator.com/item?id=14549100
link