Apple does not have the right (as much as they'd like to) to steal code and relicense it however they want.
The only parts of their KHTML fork that are licensed under a "we reserve the right to sue you" permissive licenses are the wrappers that they put around it to that they can use it without any dependencies on Qt. Their direct modifications to KJS and KHTML, while theoretically licensed under a permissive license on their own become licensed under the LGPL or the GPL as needed, including in Apple's own OS and the "Safari" web browser.
Webkit is just a brand name that Apple tries to control even as they only make up less than half the contributions to it now that other companies such as Google and Nokia have become involved.
As for the Webkit2 thing, it's just a layer that rides on top of Webkit. You don't "have" to use it, though nothing prevents other projects from doing so. Since It doesn't run its renderers in a sandbox like Chrome does, you have very little added security at this point. All it does mean is that you get:
Extra overhead for running each renderer in its own process.
This is mitigated by the fact that once a renderer is closed (when you close a tab), any memory it leaked is freed whereas earlier versions of Safari simply kept growing until you shut the browser down and restarted it. (Like Firefox does, although there aren't an insane amount of bona fide memory leaks there anymore. Most of what a user that doesn't know any better would call one can be reclaimed.They just hadn't bothered doing it until the memshrink project came about).
So, so far the split rendering in Webkit2 is dubious. The one benefit it does give is that if something hangs a renderer, then that renderer can probably be shut down. This is provided that there's no security problems in the underlying Windows or OS X kernel that let it crash the system with one line of code in the page, or automatically download and run malicious software on Windows.
It also wouldn't have stopped the Mac Defender malware that Apple refused to help users remove, or ilk.
From what I saw, at least one variant of Mac Defender got Safari to download and execute it without user intervention. It is Apple though. They routinely leave critical flaws open for months or years.
Webkit2 doesn't apply to Chrome or Chromium users because the split process model is integrated into the browser itself and has been for a few years. Webkit2's advantages are fairly weak compared to what Chrome and Chromium users have come to expect. Webkit2 can be regarded as Apple's impotent response to Chrome.
It seems to be working here: http://blogs.igalia.com/alex/2011/04...-port-running/
should be possible sandbox the web process (named as render process on google chromium) but isn't clear if is something that will be added on the future or something that will remain optional, so every product that will use webkit2, if want it, should implement their own code for that work.Quote:
... security (through the potential to sandbox the web process)
Sure but google chrome/chromium have this feautures heavy integrated inside their browsers, so is application specific, no flexible for a reuse on alternatives browser with the same webkit core.
Isn't browser on the Nokia N9 a webkit2 browser?