
Gnash, Lightspark, and Shumway

Posted Dec 9, 2012 16:24 UTC (Sun) by oak (subscriber, #2786)
In reply to: Gnash, Lightspark, and Shumway by HelloWorld
Parent article: Gnash, Lightspark, and Shumway

>> Hmm. Perhaps you can't "simply avoid" a fundamental feature of the language just by pretending it doesn't exist.
>
> eval isn't a fundamental language feature any more than libjit/Lightning/Orc are.

Do Gnash or Lightspark use libjit/Lightning/Orc?

Nowadays browsers run the Flash plugins in separate processes. Is Shumway stuff run in a separate process or within the same browser process?

If the latter, HTML interaction with JS may also need to be considered for security, not just JS in isolation.

PS. One difference between compiled C/C++ code and JS is that the latter is JITted for performance reasons, and also for performance reasons, the JITted code is typically memory mapped both as executable and writable, whereas the compiled C/C++ code isn't mapped as writable into memory.

While the JIT compiler probably is safe, I would expect the huge amounts of extra write/execute mapped memory to make injected code execution attacks elsewhere in the browser easier...?


Gnash, Lightspark, and Shumway

Posted Dec 9, 2012 18:03 UTC (Sun) by cortana (subscriber, #24596)

The pages that store the result of the JIT compilation can have their mode changed once the compilation is complete, no?
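
The mode change raised in the comment above, as an added example that is not part of the original thread or of any of the projects discussed: a page is mapped read/write while code is emitted, then flipped to read/execute with `mprotect()`, and its permissions are checked in `/proc/self/maps`. It assumes Linux; `page_perms`, `jit_emit` and the sample bytes are hypothetical names and constructed data.

```c
#define _GNU_SOURCE
#include <stdio.h>
#include <string.h>
#include <sys/mman.h>
#include <unistd.h>

/* Copy the permission field ("rw-p", "r-xp", ...) of the mapping that
 * contains addr, read from /proc/self/maps (Linux). Returns 0 if found. */
int page_perms(const void *addr, char out[5])
{
    FILE *f = fopen("/proc/self/maps", "r");
    unsigned long lo, hi, a = (unsigned long)addr;
    char line[512], perms[5];
    int rc = -1;
    if (!f) return -1;
    while (rc != 0 && fgets(line, sizeof line, f))
        if (sscanf(line, "%lx-%lx %4s", &lo, &hi, perms) == 3 && a >= lo && a < hi) {
            strcpy(out, perms);
            rc = 0;
        }
    fclose(f);
    return rc;
}

/* Map one page RW, copy the code in, then flip it to RX with mprotect(),
 * so the page is never writable and executable at the same time. */
void *jit_emit(const unsigned char *code, size_t len, char while_writing[5])
{
    size_t sz = (size_t)sysconf(_SC_PAGESIZE);
    unsigned char *p;
    if (len > sz) return NULL;
    p = mmap(NULL, sz, PROT_READ | PROT_WRITE, MAP_PRIVATE | MAP_ANONYMOUS, -1, 0);
    if (p == MAP_FAILED) return NULL;
    memcpy(p, code, len);
    page_perms(p, while_writing);          /* record perms during emission */
    if (mprotect(p, sz, PROT_READ | PROT_EXEC) != 0) { munmap(p, sz); return NULL; }
    return p;
}

/* Constructed sample bytes: x86-64 machine code for "mov eax, 42; ret". */
const unsigned char SAMPLE_CODE[] = { 0xb8, 0x2a, 0x00, 0x00, 0x00, 0xc3 };

int main(void)
{
    char before[5] = "?", after[5] = "?";
    void *p = jit_emit(SAMPLE_CODE, sizeof SAMPLE_CODE, before);
    if (!p || page_perms(p, after) != 0) return 1;
    printf("while writing: %s  after mprotect: %s\n", before, after);
    return 0;
}
```

On architectures other than x86-64 the sample bytes are not valid code, and an instruction-cache flush would be needed before executing freshly written pages.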

Copyright © 2013, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds