I found your statement very interesting, and would like to learn more. If you're allowed, would you please provide more details or links to resources that further explain the security issues that process-per-tab resolves?
There's a bunch of good public docs on the Chromium security architecture. One big thing that having a separate process per origin does is that you can use OS sandboxing techniques on each process separately, and even if there are renderer bugs, an exploit can't immediately get to another origin; it provides defense in depth by also requiring a sandbox escape.
Here's an old paper that talks about the architecture (it hasn't changed much at a high level):
http://seclab.stanford.edu/websec/chromium/chromium-security...