Y
Hacker News
new
|
ask
|
show
|
jobs
by
taway1237
1001 days ago
There's a huge difference. Browser sandboxes are not "real" VMs and share a kernel. And in case of Chromium it's enough to read a few bytes from another process (token) to escape.
1 comments
nolist_policy
1001 days ago
Can you elaborate on that? What do tokens have to do with breaking out of a sandbox?
link