Javascript JIT in web browsers
Kevin Kofler
kevin.kofler at chello.at
Sun Aug 15 23:15:40 UTC 2010
drago01 wrote:
> The times where javascript is only used for some fancy effects are
> long over ... welcome to 2010 ;)
Some web sites are indeed abusing JavaScript. Why should we promote this
behavior? It is a vehicle for proprietary software, where people often
aren't even aware they're using non-Free code, or just ignore the issue.
See also http://www.gnu.org/philosophy/javascript-trap.html . A web site is
not and should not be an application, an application is not and should not
be a web site.
> The "problem" is fixable; there is a patch that is being discussed
> upstream to fix the issue and allow SELinux memory protection, it is
> just not merged yet.
>
> Using a JIT is not a security risk by itself.
Workarounds which make SELinux happy are still not as secure as sticking to
a pure bytecode interpreter. Exploit code can still write to the memory to
be executed, with ANY JIT, as this is how a JIT works. It's just that the
writing has to happen through a different address space window than the
execution, making the JIT harder, but not impossible, to exploit.
So IMHO the right fix is to disable the JIT altogether.
But the proposed patch would still be better than the crappy solution
implemented now just to "stick to upstream" (having SELinux ignore the
problem).
Kevin Kofler
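
The "different address space window" arrangement discussed in the message above, as an added C example that is not part of the original post or of any browser's JIT: on Linux, one anonymous memory file is mapped twice, and a store through the read+write view shows up in the read+execute view. The function name, the `jit-demo` label and the sample bytes are assumptions made for the illustration; the bytes are never executed.

```c
/* Added example: dual-mapped JIT buffer (constructed demo, Linux only). */
#ifndef _GNU_SOURCE
#define _GNU_SOURCE            /* for syscall() under strict -std modes */
#endif
#include <stdio.h>
#include <string.h>
#include <sys/mman.h>
#include <sys/syscall.h>
#include <unistd.h>

/* Constructed placeholder bytes standing in for JIT output; never executed. */
static const unsigned char SAMPLE[] = { 0xde, 0xad, 0xbe, 0xef };

/*
 * Maps one anonymous memory file twice: a read+write view for the code
 * emitter and a read+execute view for running it. Returns 1 if bytes
 * stored through the writable view are visible through the executable
 * view, 0 if not, -1 if the mappings could not be set up.
 */
int dual_map_alias_visible(void)
{
    long page = sysconf(_SC_PAGESIZE);
    int fd = (int)syscall(SYS_memfd_create, "jit-demo", 0u);
    if (fd < 0 || page <= 0 || ftruncate(fd, (off_t)page) != 0) {
        if (fd >= 0) close(fd);
        return -1;
    }
    /* No single mapping is writable and executable at the same time. */
    unsigned char *w = mmap(NULL, (size_t)page, PROT_READ | PROT_WRITE, MAP_SHARED, fd, 0);
    unsigned char *x = mmap(NULL, (size_t)page, PROT_READ | PROT_EXEC, MAP_SHARED, fd, 0);
    close(fd);
    int result = -1;
    if (w != MAP_FAILED && x != MAP_FAILED) {
        memcpy(w, SAMPLE, sizeof SAMPLE);                 /* store via RW window */
        result = memcmp(x, SAMPLE, sizeof SAMPLE) == 0;   /* load via RX window */
    }
    if (w != MAP_FAILED) munmap(w, (size_t)page);
    if (x != MAP_FAILED) munmap(x, (size_t)page);
    return result;
}

int main(void)
{
    int r = dual_map_alias_visible();
    printf("write through RW view visible in RX view: %d\n", r);
    return r == 1 ? 0 : 1;
}
```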