Michael Catanzaro wrote:
> I presume it uses a sandboxed multiprocess architecture anyway, like upstream Chromium. Is it not true?
> If so, it's surely one of the most secure packages we have in Fedora. Of course, that's no good excuse to fall behind on security updates. But I have high confidence in Chromium's sandbox.
It is true. QtWebEngine uses the Chromium seccomp sandbox. (I can definitely confirm that because bugs in the sandbox policy, such as incompatibilities with newer glibc versions, immediately manifest in some or all web pages completely failing to render. I have had to fix a couple of these. So seccomp is definitely used.)
Kevin Kofler
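
One way to check the seccomp claim above on a running system, as an added example that is not part of the original message or of QtWebEngine: it reads the `Seccomp:` field of `/proc/<pid>/status` for the `QtWebEngineProcess` helper processes. The function names and the overridable proc root are assumptions made for this example.

```shell
#!/bin/sh
# Added example: report the seccomp mode of processes from /proc/<pid>/status.
# Seccomp field values (see proc(5)): 0 = disabled, 1 = strict, 2 = filter.

# Print the numeric Seccomp mode found in a status file, or "unknown".
seccomp_mode() {
    mode=$(awk '$1 == "Seccomp:" { print $2; exit }' "$1" 2>/dev/null) || true
    echo "${mode:-unknown}"
}

# Translate the numeric mode into a label.
seccomp_label() {
    case "$1" in
        0) echo "disabled" ;;
        1) echo "strict" ;;
        2) echo "filter" ;;
        *) echo "unknown" ;;
    esac
}

# Walk a proc-style directory and print "<pid> <mode>" for matching processes.
# $1 = process name as shown in the Name: field (kernel truncates it to 15 chars)
# $2 = proc root (defaults to /proc; overridable so the logic can be tested)
report_seccomp() {
    name=$1
    root=${2:-/proc}
    for status in "$root"/[0-9]*/status; do
        [ -r "$status" ] || continue
        # A process may exit between the glob and the read; ignore that.
        pname=$(awk '$1 == "Name:" { print $2; exit }' "$status" 2>/dev/null) || true
        [ "$pname" = "$name" ] || continue
        pid=${status%/status}
        pid=${pid##*/}
        echo "$pid $(seccomp_label "$(seccomp_mode "$status")")"
    done
}

# QtWebEngineProcess is the helper binary; Name: shows its first 15 characters.
report_seccomp "QtWebEngineProc"
```

A process reported as `filter` has a seccomp-BPF filter installed, which is the mode a sandbox policy of the kind described above runs in.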