Announcement

Collapse
No announcement yet.

OpenBSD Sponsors Work For Better Browser Security

Collapse
X
 
  • Filter
  • Time
  • Show
Clear All
new posts

  • OpenBSD Sponsors Work For Better Browser Security

    Phoronix: OpenBSD Sponsors Work For Better Browser Security

    The OpenBSD Foundation is supporting work to adapt at least one web browser's JIT engine to support OpenBSD's "Write Xor Execute" policy for system memory...

    Phoronix, Linux Hardware Reviews, Linux hardware benchmarks, Linux server benchmarks, Linux benchmarking, Desktop Linux, Linux performance, Open Source graphics, Linux How To, Ubuntu benchmarks, Ubuntu hardware, Phoronix Test Suite

  • #2
    I would rather see more development go into AOT instead of JIT.

    http://en.wikipedia.org/wiki/Ahead-of-time_compilation

    Android Runtime (ART)
    http://en.wikipedia.org/wiki/Android_Runtime
    Last edited by plonoma; 02 March 2015, 11:10 AM.

    Comment


    • #3
      Originally posted by plonoma View Post
      I would rather see more development go into AOT instead of JIT.

      http://en.wikipedia.org/wiki/Ahead-of-time_compilation

      Android Runtime (ART)
      http://en.wikipedia.org/wiki/Android_Runtime
      AOT for a browser? I guess I am missing something.

      That comment aside, this is pretty awesome. I'd like to see FreeBSD utilize this memory framework... so much so that I might give OpenBSD a shot as a server just because it seems like they are putting a lot of emphasis on security. Although I was reading that they do not support Jails? What do you guys think?

      Comment


      • #4
        Originally posted by bpetty View Post
        AOT for a browser? I guess I am missing something.

        That comment aside, this is pretty awesome. I'd like to see FreeBSD utilize this memory framework... so much so that I might give OpenBSD a shot as a server just because it seems like they are putting a lot of emphasis on security. Although I was reading that they do not support Jails? What do you guys think?
        Well, OpenBSD is the one with the reputation for being focused on security at the expense of everything else, the one thing I would caution is making sure that the software you want to run actually supports this feature if that's why you want to run it.

        Comment


        • #5
          Definitely in favour of this.

          What I'd really hope for is that, in the long term, Mozilla finishes the incremental migration from Gecko to Servo that they're currently hoping for and then moves on to switching SpiderMonkey/IonMonkey/etc. over to Rust.

          The Rust language hasn't even reached version 1.0 and we're already seeing easy-to-use W^X-like patterns based on its strong support for inferred typing and ownership checking.

          (eg. The hyper library uses different types for HTTP connections in different phases of the lifecycle, so it can verify at compile time that you're not making mistakes like trying to set headers on a connection that's already sent them. The methods for doing that simply don't exist on the connection once it's been started and the borrow checker won't let you call methods on the old object after you've started the connection.)

          I could easily see something similar being used for compile-time verification of proper W^X semantics in a JIT compiler.

          Comment


          • #6
            AOT is supported in Firefox

            Originally posted by plonoma View Post
            I would rather see more development go into AOT instead of JIT.

            http://en.wikipedia.org/wiki/Ahead-of-time_compilation

            Android Runtime (ART)
            http://en.wikipedia.org/wiki/Android_Runtime
            Firefox already supports AOT, even before Android.

            They only use it for asm.js, because AOT for normal Javascript makes very little sense.

            Comment

            Working...
            X