On Wed, Apr 12, 2017 at 5:59 AM, Till Schneidereit <
t...@tillschneidereit.net> wrote:
> On Wed, Apr 12, 2017 at 2:56 PM, Boris Zbarsky wrote:
>
> > On 4/12/17 2:32 AM, Paul Rouget wrote:
> >
> >> - Prerendering: we will want to prerender documents. A special kind of
> >> pipeline with black-list
On Wed, Aug 3, 2016 at 2:37 PM, Robert O'Callahan
wrote:
> On Wed, Aug 3, 2016 at 4:10 PM, Michael Howell >
> wrote:
>
> > I can think of one advantage right now: by having script and layout in
> > separate processes, a compromised script thread doesn't automatically
> give
> > an attacker the a
On Wed, Aug 3, 2016 at 12:38 PM, David Bruant wrote:
> Le 03/08/2016 à 18:47, Andrew McCreight a écrit :
>
> In a world where a sophisticated attacker can get root privileges, I
>> wouldn't spend too much time worrying about intraprocess attacks.
>
> If (safe)
On Wed, Aug 3, 2016 at 8:35 AM, Jack Moffitt wrote:
> I asked ekr how much this mattered, and he thought it was important. I
> don't think anyone has pointed me to a documented attack, but it
> definitely seems like the kind of thing that could be done somehow.
>
It seems like it will be importa
For what it is worth, Gecko uses a single-entry per-zone cache for
converting the result of JS strings to DOM strings in getAttribute (I
think). bz added this in bug 773520, and it has had a few refinements since
then. Maybe some kind of caching would help Servo, too.
Andrew
On Wed, Dec 2, 2015 a
On Fri, Jun 19, 2015 at 3:21 AM, Robert O'Callahan
wrote:
> On Fri, Jun 19, 2015 at 7:10 PM, Patrick Walton
> wrote:
>
> > In theory you can use cmsg on POSIX systems to send channels over
> > channels, by treating channels as file descriptors. I tried this first,
> and
> > I believe it actually
Very cool!
This is probably too esoteric for the blog post, but it seems like the
malloc_size_of thing isn't passed in for the Rust version. (For those who
don't know, in Firefox, this is used for the Dark Matter Detector (DMD): a
method can be passed in to record all blocks that are measured via
- Original Message -
> https://github.com/servo/servo/wiki/Workweek-alt-js
>
> I'm pleased with the "Table discussion until mid 2015" outcome :-).
>
> It might make sense at some point to have a "super secure Servo" build
> where you plug in a JS interpreter and simple GC written in Rus
- Original Message -
> Rust does have 2MB stacks by default. These giant numbers are surprising.
In Gecko, we've found that almost anytime we start measuring something, we find
something surprising. ;)
Andrew
___
dev-servo mailing list
dev-se
- Original Message -
Not to derail this further with a defense of the CC, but...
> CC is still a performance and memory and safety problem.
At this point, I think the GC is a bigger performance problem. ;) Ok, so it is
doing much more stuff than the CC...
> Yeah, I shouldn't have men
>From the meeting notes:
mbrubeck: Module owner is two things. 1: someone who can make decisions. 2:
someone who can determine who the peers are and when to pass on module
ownership. Sometimes those are different people, etc.
azita: Is it usual to have more than two? Seems confusing. Or is that
- Original Message -
> http://goto.ucsd.edu/quark/
Relatedly, this MWR Labs writeup on their Chrome exploit is kind of fun.
"Looking at the crash dumps, we observed that the following undocumented system
call triggered the crash"
"In cases where the last argument to NtUserMessageCall is
- Original Message -
> On Fri, Jul 13, 2012 at 1:40 AM, Andrew McCreight <
> amccrei...@mozilla.com > wrote:
> Type preserving compilers are pretty great, because you can spot a
> large number of compiler bugs without even running the program
> you've compile
- Original Message -
> On Thu, Jul 12, 2012 at 4:44 PM, Brendan Eich
> wrote:
>
> > I'm more concerned about runtime bugs -- the usual free memory read
> > during a virtual call. Rust will have vtbls, IIRC, and it takes only one
> > rooting or refcounting bug to enable an attacker to recl
14 matches
Mail list logo
