zlacker

[parent] [thread] 1 comments
1. Joachi+(OP)[view] [source] 2017-11-19 17:29:58
A good place to look, but do note that that's the code written by the Qubes OS people - presumably, it's written with security in mind. Of course, Xen has had more eyeballs, so...
replies(1): >>monoca+x
2. monoca+x[view] [source] 2017-11-19 17:34:57
>>Joachi+(OP)
Chrome's IPC was written with security in mind too, but most of the sandbox escape exploits have been around IPC marshalling.

Unlike the nitty gritty of how the sandbox works, the IPC changes often with new releases. And quite frankly it isn't as fun, cool, or interesting as VMMs or other sandboxing techniques, so a lot of the time it isn't given the close eye that it should.

[go to top]