Hacker News
by geofft 4145 days ago
There's a bunch of good public docs on the Chromium security architecture. One big thing that having a separate process per origin does is that you can use OS sandboxing techniques on each process separately, and even if there are renderer bugs, an exploit can't immediately get to another origin; it provides defense in depth by also requiring a sandbox escape.

Here's an old paper that talks about the architecture (it hasn't changed much at a high level):

http://seclab.stanford.edu/websec/chromium/chromium-security...