by palant
1112 days ago
Note: I’m the author of this article. We aren’t talking about breaking out of the sandbox here; the extension sandbox stays intact. The problem is that this sandbox has plenty of privileges. And so Chrome attempts to restrict what code runs in this sandbox. Technically speaking, they succeed – only the extension’s own code runs inside the sandbox here. But this is a mechanism aimed at preventing security vulnerabilities, not at combating outright malicious extensions. An extension can always download some data guiding its decisions. These extensions take it to the extreme, essentially turning that data into code.