Changes


Security/Sandbox/Hardening

27 bytes added, 03:56, 2 December 2016
Background
=== Background ===
The basis of the Firefox process sandboxing is that untrusted web content is loaded in an untrusted Content Process, separated from the parent Chrome process, which acts as a broker to access privileged OS functionality and data. Content processes execute in a sandbox which limits the system privileges so that if a malicious web page manages to exploit a vulnerability to execute arbitrary code, it will be unable to compromise the underlying OS.
  IMAGE HERE[[File:Sandbox Hardening.png|thumbnail]]
* access restricted network resources.
The reality is more complicated, as Firefox requires many of these privileges to run and was not originally designed to be sandboxed. However, work to implement support for sandboxed processes on Windows, OSX and Linux is [[Security/Sandbox| already underway]]. Initial support for sandboxing is available on all release versions of Firefox, and the next step is to harden the sandbox by tightening restrictions for content processes by moving or remoting sandbox-incompatible code to the parent.
===Browser Hardening===