Javascript JIT in web browsers
Matt McCutchen
matt at mattmccutchen.net
Thu Aug 19 04:10:51 UTC 2010
On Tue, 2010-08-17 at 21:31 +0200, Kevin Kofler wrote:
> Adam Williamson wrote:
> > Shipping a Firefox with no ability to use Javascript would be more or
> > less equal to not shipping it, frankly. No-one would use the thing.
>
> What I suggest is just to use the same old JavaScript interpreter we have
> used before the JIT was introduced, which they undoubtedly keep working for
> those platforms which don't have JIT support available at all. That doesn't
> mean no JavaScript support, just a performance impact which is probably
> negligible on most sites
Gmail makes very heavy use of JavaScript, so I bet the difference there
is significant. There may be Free Software web applications for which
the same is true, I'm just not familiar with them. I know you won't
believe me; someone who knows how will have to perform a test.
> and much better security.
You haven't convinced me of this. Are vulnerabilities that let one
inject enough code to exploit the JIT (particularly after the SELinux
patch) really that easy to find? But others have a better understanding
of attacks in machine code than I do.
--
Matt
More information about the devel
mailing list