Mozilla to extend Firefox sandbox
Mozilla will extend the early, basic sandbox of Firefox 50 and bring the sandbox to the Linux and Mac versions. The organization reports this in a message about multi-process functionality for the browser.
Firefox 50 for Windows already includes a sandbox feature based on multi-process functionality, but according to Asa Dotzler of Mozilla, it is an early version that does not yet offer the security that is desired. That will follow with upcoming versions of the browser and then the Linux and Mac versions of Firefox will also receive sandbox support.
Firefox also had sandbox functionality before, but it was limited to plug-ins such as Flash and the Gecko Media Plugin, BleepingComputer writes. Sandboxing is seen as an important security technique. It separates important core tasks from running other potentially exploitable activities in a shielded virtual environment.
This process isolation capability comes within reach for Mozilla through the development of ‘multi-process Firefox’. Mozilla tested this on a subset of Firefox 48 and 49 users and introduced it to Firefox 50 to investigate its impact on extensions. The implementation still involves a subdivision into a process for basic tasks and one for content, but Mozilla gradually wants to split a basic process and multiple content processes.
In addition to security, multi-process also provides speed gains and an improvement in stability. A crash due to web content can then no longer cause the user interface to crash, for example.