by othermaciej 4846 days ago
Getting sandbox escapes from Mac Safari and iOS Safari requires completely different exploits. The code execution stage of a complete exploit could be shared, but it could also be shared with Chrome. So you'd think the same argument of iOS Safari exploit market value would apply either way.

My theory is that not much research has been done yet on breaking the WebProcess sandbox. Which makes me sad.

1 comment

>Getting sandbox escapes from Mac Safari and iOS Safari requires completely different exploits.

You're focusing too narrowly on the sandbox itself. You have to consider the whole stack, and all of the surface exposed from within the sandbox. Consider the Chrome sandbox escape from yesterday, which didn't use anything specific to Chrome. It targeted part of the Windows stack that's guaranteed to be exposed to every process on the system.