by staticassertion 2161 days ago
This doesn't make any sense.

A) It's not a good idea. The Chrome sandbox is arguably a lot stronger than Apparmor/Seccomp. A native program in Apparmor or SELinux can still make virtually arbitrary system calls, whereas an attacker who has compromised a Javascript renderer cannot. Further, the attacker would have to own the renderer first, whereas you're talking about just giving native execution rights. Further than that, you can just Apparmor/seccomp chrome? So just go do that? I've done it myself.

B) The attacks described in the post have nothing to do with code execution on your system. They're talking about attacks like XSS, which would exist in any language that provides the ability to manipulate the DOM with strings - so, any of the ones that would be useful.
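The comment above contrasts a seccomp-confined native program with an unconfined one. As an added illustration (not the commenter's code, and not Chrome's actual sandbox policy), here is a minimal seccomp-bpf syscall allowlist of the kind a Linux process can install on itself: once installed, any syscall outside the list fails with EPERM, and a syscall issued under an unexpected architecture kills the process. The allowed set (`write`, `exit_group`, `exit`) is a constructed example, chosen only to keep the demonstration tiny; the small BPF interpreter lets the filter be checked offline before it is installed, which is the check a practitioner would want before applying a filter to a real program. Assumes Linux on x86_64, aarch64 or i386, with the kernel UAPI headers available.

```c
// Added example: a seccomp-bpf syscall allowlist built by hand (no libseccomp).
// Not code from the thread; the allowed syscall set below is a constructed sample.
#include <errno.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>
#include <unistd.h>
#include <sys/prctl.h>
#include <sys/syscall.h>
#include <linux/audit.h>
#include <linux/filter.h>
#include <linux/seccomp.h>

#if defined(__x86_64__)
#define NATIVE_ARCH AUDIT_ARCH_X86_64
#elif defined(__aarch64__)
#define NATIVE_ARCH AUDIT_ARCH_AARCH64
#elif defined(__i386__)
#define NATIVE_ARCH AUDIT_ARCH_I386
#else
#error "unsupported architecture for this example"
#endif

#ifndef SECCOMP_RET_KILL_PROCESS
#define SECCOMP_RET_KILL_PROCESS 0x80000000U  // older headers lack this name
#endif

#define MAX_INSNS 64

// Emit a filter: kill on foreign arch, allow listed syscall numbers, EPERM otherwise.
// Returns the number of instructions written to `out`.
size_t build_allowlist_filter(struct sock_filter *out, const int *allowed, size_t n_allowed) {
    if (4 + 2 * n_allowed + 1 > MAX_INSNS) return 0;
    size_t i = 0;
    // Syscall numbers differ per ABI, so reject anything not from the native arch.
    out[i++] = (struct sock_filter)BPF_STMT(BPF_LD | BPF_W | BPF_ABS, offsetof(struct seccomp_data, arch));
    out[i++] = (struct sock_filter)BPF_JUMP(BPF_JMP | BPF_JEQ | BPF_K, NATIVE_ARCH, 1, 0);
    out[i++] = (struct sock_filter)BPF_STMT(BPF_RET | BPF_K, SECCOMP_RET_KILL_PROCESS);
    out[i++] = (struct sock_filter)BPF_STMT(BPF_LD | BPF_W | BPF_ABS, offsetof(struct seccomp_data, nr));
    for (size_t k = 0; k < n_allowed; k++) {
        out[i++] = (struct sock_filter)BPF_JUMP(BPF_JMP | BPF_JEQ | BPF_K, (uint32_t)allowed[k], 0, 1);
        out[i++] = (struct sock_filter)BPF_STMT(BPF_RET | BPF_K, SECCOMP_RET_ALLOW);
    }
    // Default verdict: refuse the syscall with EPERM instead of killing, so the
    // confined program sees an ordinary error it can log.
    out[i++] = (struct sock_filter)BPF_STMT(BPF_RET | BPF_K, SECCOMP_RET_ERRNO | (EPERM & SECCOMP_RET_DATA));
    return i;
}

// Offline check: run the filter on a (arch, nr) pair and return the BPF verdict.
// Only the three opcodes used above are interpreted; anything else is treated as KILL.
uint32_t filter_verdict(const struct sock_filter *prog, size_t len, uint32_t arch, int nr) {
    struct seccomp_data d;
    memset(&d, 0, sizeof d);
    d.nr = nr;
    d.arch = arch;
    uint32_t acc = 0;
    for (size_t pc = 0; pc < len;) {
        const struct sock_filter *in = &prog[pc];
        switch (in->code) {
        case BPF_LD | BPF_W | BPF_ABS:
            memcpy(&acc, (const char *)&d + in->k, sizeof acc);
            pc++;
            break;
        case BPF_JMP | BPF_JEQ | BPF_K:
            pc += 1 + (acc == in->k ? in->jt : in->jf);
            break;
        case BPF_RET | BPF_K:
            return in->k;
        default:
            return SECCOMP_RET_KILL_PROCESS;
        }
    }
    return SECCOMP_RET_KILL_PROCESS;
}

// Constructed sample policy: only write, exit_group and exit are permitted.
size_t build_example_filter(struct sock_filter *out) {
    const int allowed[] = { SYS_write, SYS_exit_group, SYS_exit };
    return build_allowlist_filter(out, allowed, sizeof allowed / sizeof allowed[0]);
}

// Apply the filter to the calling process. NO_NEW_PRIVS is required so an
// unprivileged process may install a filter without it becoming a setuid hazard.
int install_filter(const struct sock_filter *prog, size_t len) {
    struct sock_fprog fprog = { .len = (unsigned short)len, .filter = (struct sock_filter *)prog };
    if (prctl(PR_SET_NO_NEW_PRIVS, 1, 0, 0, 0) != 0) return -1;
    return prctl(PR_SET_SECCOMP, SECCOMP_MODE_FILTER, &fprog);
}

int main(void) {
    struct sock_filter prog[MAX_INSNS];
    size_t len = build_example_filter(prog);
    if (len == 0 || install_filter(prog, len) != 0) {
        perror("seccomp");
        return 1;
    }
    const char msg[] = "write() is on the allowlist\n";
    write(1, msg, sizeof msg - 1);
    // getpid() is not on the allowlist: the kernel returns -1 with errno EPERM.
    if (syscall(SYS_getpid) == -1) perror("getpid");
    return 0;
}
```

Running the program prints the allowed write and then `getpid: Operation not permitted`. A real browser policy is far larger and also filters on syscall arguments, which this example does not do; the point it demonstrates is only that a native process under seccomp is limited to the syscalls its filter names.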


> It's not a good idea. The Chrome sandbox is arguably a lot stronger than Apparmor/Seccomp. A native program in Apparmor or SELinux can still make virtually arbitrary system calls, whereas an attacker who has compromised a Javascript renderer cannot. Further, the attacker would have to own the renderer first, whereas you're talking about just giving native execution rights. Further than that, you can just Apparmor/seccomp chrome? So just go do that? I've done it myself.

In a container sandbox platform, you could still define the permissions that must be granted for a site. Like, this program wants to access your camera, should you let it? Or, it wants to access a directory. That isn't much different than a browser today.

It's not much different in its goals; it's just a strictly worse implementation.

Nothing can be worse than the JavaScript monster we have today.