Protecting the security and privacy of individuals is a central tenet of Mozilla’s mission, and so they constantly endeavor to make their users safer online. With a complex and highly optimized system like Firefox, memory safety is one of the biggest security challenges. By Nathan Froyd.
Firefox is mostly written in C and C++. These languages are notoriously difficult to use safely, since any mistake can lead to complete compromise of the program. We work hard to find and eliminate memory hazards, but we’re also evolving the Firefox codebase to address these attack vectors at a deeper level.
The article’s main parts:
- A new approach – extensive use of both sandboxing and Rust
- Building a wasm sandbox
- Ahead-of-time compilation with Cranelift and friends
- Getting sandboxing correct
- Tainted data
With the core infrastructure for wasm sandboxing in place, Mozilla can focus on increasing its impact across the Firefox codebase – both by bringing it to all of their supported platforms, and by applying it to more components. Good read!