by rajanaccros 1657 days ago
How does this affect process isolation? If only some components can be sandboxed at this fine-grained level, aren't we still subject to process isolation to sandbox everything else? It would seem like one still has to run fission.autostart true to isolate the components that cannot be compiled in this way, therefore not gaining the benefit of less overhead as stated in the article.
1 comments

The purpose of RLBox is to add an extra layer of component-level isolation on top of Firefox's process-based site-level isolation. The reduced overhead is relative to the hypothetical scenario in which we performed the component-level isolation with processes (rather than WebAssembly).
Ohh I see. Not a replacement for process-based site-level isolation. I just wasn't wrapping my head around that. Makes much more sense now. Thanks for the explanation.
However, without removing processes it will still be as slow as today, which I really hope browsers will do.
I think a more likely way to think about it is that this allows us to sandbox things that would otherwise not be sandboxable. For a variety of reasons, it's probably not practical to remove the existing process sandboxes.