by nolist_policy 688 days ago
Let's see, the root filesystem is read-only with tamper-proof authentication, the user's home directory is encrypted.

Chrome runs with the usual privilege separation in multiple processes, each in its own tight sandbox.

There is no way to autostart anything.

Even in the nuclear case of a 0-day RCE + chained sandbox breakout + privilege escalation to root, the threat cannot persist itself... you just reboot the device and are safe again.

And the list goes on...

Their crosvm VMM puts every emulated piece of hardware in its own isolated process[1]. The drive emulator is blocked from even opening files itself.

Google has lots of experience in security, they are one of the few who still build their own browser, the most hostile environment.

[1] https://crosvm.dev/book/appendix/sandboxing.html
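The comment's first point, a read-only root filesystem whose contents are authenticated, is the idea behind dm-verity-style verified boot: the image is split into blocks, a hash tree is built over them, and only the root hash has to be trusted (it is what the boot chain signs). The following is an added, simplified model written for this page to show why a single trusted root is enough to catch tampering with either the data or the on-disk hash tree. It is not ChromeOS, Linux dm-verity or crosvm code; the block size, image contents and function names are constructed for the illustration.

```python
"""Simplified dm-verity-style block authentication (added example).

Constructed illustration, not ChromeOS or kernel code: a read-only image is
split into fixed-size blocks, a SHA-256 hash tree is built over the blocks,
and each block read is checked against a single trusted root hash.
"""
import hashlib

BLOCK_SIZE = 16  # deliberately tiny so the example stays readable


def sha256(*parts: bytes) -> bytes:
    h = hashlib.sha256()
    for p in parts:
        h.update(p)
    return h.digest()


def split_blocks(image: bytes) -> list[bytes]:
    """Zero-pad the image to a whole number of blocks and split it."""
    padded = image + b"\x00" * (-len(image) % BLOCK_SIZE)
    return [padded[i:i + BLOCK_SIZE] for i in range(0, len(padded), BLOCK_SIZE)]


def build_tree(blocks: list[bytes]) -> list[list[bytes]]:
    """levels[0] holds the leaf hashes, levels[-1] holds the single root hash.
    An unpaired last node in a level is hashed together with itself."""
    level = [sha256(b) for b in blocks]
    levels = [level]
    while len(level) > 1:
        pairs = [(level[i], level[i + 1] if i + 1 < len(level) else level[i])
                 for i in range(0, len(level), 2)]
        level = [sha256(a, b) for a, b in pairs]
        levels.append(level)
    return levels


def auth_path(levels: list[list[bytes]], index: int) -> list[bytes]:
    """Sibling hashes from the leaf up to (but excluding) the root."""
    path = []
    for level in levels[:-1]:
        sib = index ^ 1
        path.append(level[sib] if sib < len(level) else level[index])
        index //= 2
    return path


def verify_block(block: bytes, index: int, path: list[bytes], root: bytes) -> bool:
    """Recompute the root from one block and its sibling path; compare to trust."""
    h = sha256(block)
    for sib in path:
        h = sha256(h, sib) if index % 2 == 0 else sha256(sib, h)
        index //= 2
    return h == root


def failing_blocks(image: bytes, levels: list[list[bytes]], root: bytes) -> list[int]:
    """Emulate reading every block of the stored image with the stored hash tree;
    return the indices whose data does not authenticate against the trusted root."""
    blocks = split_blocks(image)
    return [i for i, b in enumerate(blocks)
            if not verify_block(b, i, auth_path(levels, i), root)]


# Constructed "root image": 65 bytes, i.e. 5 blocks with the last one padded.
CLEAN_IMAGE = b"".join(f"file{i:02d}:data..".encode() for i in range(5))


def demo() -> list[int]:
    """Build the tree once (at image creation), then flip one byte in block 2
    of the stored image; only the trusted root hash is retained across the change."""
    levels = build_tree(split_blocks(CLEAN_IMAGE))
    root = levels[-1][0]  # the only value the boot chain needs to vouch for
    tampered = bytearray(CLEAN_IMAGE)
    tampered[2 * BLOCK_SIZE + 3] ^= 0x01
    return failing_blocks(bytes(tampered), levels, root)  # -> [2]


if __name__ == "__main__":
    print("blocks failing authentication:", demo())
```

Modifying data while leaving the stored tree alone flags exactly the changed block; rebuilding the stored tree to match the modified data moves every authentication path to a different root, so every block fails against the trusted one. That is the property behind "reboot and you are safe": a persisted change to the root image cannot pass verification without also replacing the signed root hash.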