Hacker News new | ask | show | jobs
by deanclatworthy 4225 days ago
Are there any potential security implications in providing low level access to OpenGL through a WebGL abstraction? Have there been any exploits in the wild?
1 comments
Arnavion 4225 days ago
The browser is essentially giving user-supplied code (shaders) to a graphics driver that isn't sandboxed in the way the browser's Javascript VM is.

This reason was used by Microsoft [1] and Apple to not implement WebGL in IE and Safari, but I don't know what's changed now.

[1] http://blogs.technet.com/b/srd/archive/2011/06/16/webgl-cons...

link