←back to thread

Escaping the Chrome Sandbox Through DevTools

(ading.dev)
406 points vk6 | 1 comments | 17 Oct 24 05:55 UTC | HN request time: 0s | source
Show context
Etheryte ◴[17 Oct 24 07:57 UTC] No.41867389[source]
Given the severity, I can't help but feel that this is underpaid at the scale Google is at. Chrome is so ubiquitous and vulnerabilities like these could hit hard. Last thing they need to do is to send the signal that it's better to sell these on the black market.
replies(9): >>41867499 #>>41867548 #>>41867653 #>>41867666 #>>41867873 #>>41868146 #>>41868628 #>>41868995 #>>41869073 #
faangguyindia ◴[17 Oct 24 11:35 UTC] No.41868628[source]
Chrome needs to be rewritten in Rust asap
replies(4): >>41869138 #>>41869301 #>>41871064 #>>41873446 #
1. gsck ◴[17 Oct 24 13:06 UTC] No.41869301[source]
No it doesn't? This has nothing to do with memory safety. Its a logical error, which Rust physically cannot prevent.