On Sun, Aug 15, 2010 at 9:45 PM, Matt McCutchen <matt@xxxxxxxxxxxxxxxxx> wrote: > On Sun, 2010-08-15 at 18:26 +0200, Kevin Kofler wrote: >> But the end effect is, we're allowing a web browser to disable memory >> protection, exposing all users to a severe security risk from merely >> browsing web sites. IMHO, the performance improvements in JavaScript aren't >> worth that risk. The times where javascript is only used for some fancy effects are long over ... welcome to 2010 ;) > An alternative is to run the JavaScript in a less-privileged process, > like I believe Chromium does. The "problem" is fixable there is a patch that is being discussed upstream to fix the issue and allow selinux memory protection it is just not merged yet. Using a JIT is not a security risk by itself. -- devel mailing list devel@xxxxxxxxxxxxxxxxxxxxxxx https://admin.fedoraproject.org/mailman/listinfo/devel
