First bit of Firefox's Sandbox lands in Nightly for Windows
One of the reasons why Mozilla is working on a multi-process architecture for Firefox is that it paves the way for a browser sandbox.
The sandbox that the team plans to implement is platform independent and uses the process as the security boundary.
Mozilla is using Google's Open Source sandbox that the company uses in Chromium and Google Chrome as the basis for Firefox.
Mozilla could write its own implementation from scratch, but there is little reason to: Google's sandbox is available as open source, and a from-scratch design would end up looking very similar to it while costing a considerable amount of resources to build.
The Firefox content sandbox works only with e10s (multi-process Firefox) enabled. That is currently only the case in Nightly builds, and since the sandbox code ships only in Nightly, it can only be tested in that version of the browser.
Mozilla has enabled a non-restrictive Sandbox on Windows with e10s enabled by default to make sure it works correctly before any other code is added to it.
A patch created a couple of days ago lands in Firefox Nightly shortly. It affects only the Windows version and enables a "non-restrictive sandbox on the Windows content sandbox by default".
According to this bug report, it does the following:
Changing the lock-down access token from USER_RESTRICTED_SAME_ACCESS to USER_NON_ADMIN is the only restriction that we believe we can currently put in place without breaking things.
This makes the access permissions of the content process more restrictive. In the Chromium sandbox's token-level scheme, USER_RESTRICTED_SAME_ACCESS is a restricted token whose restricting SIDs match the user's normal SIDs, so it grants effectively the same access as the parent process, while USER_NON_ADMIN strips the token's privileges and marks groups such as Administrators as deny-only. The step is a modest one, but it means code running in a compromised content process can no longer exercise administrative group membership even when the user is an administrator.
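To see which token level a content process actually runs under, you can inspect its access token directly. The following PowerShell script is an added example, not code from the article or from Mozilla: it opens the token of every running firefox.exe process, reports whether it is a restricted token, which groups are marked deny-only, and which privileges remain. The class name TokenProbe and the function Get-FirefoxTokenReport are names chosen for this example; the numeric constants are the documented Win32 values.

```powershell
# Added example (not Mozilla's code): probe the access tokens of running
# firefox.exe processes so the token level each one runs under is visible.
# Assumes Windows PowerShell 5+; TokenProbe is a name chosen for this example.
Add-Type -TypeDefinition @"
using System;
using System.Runtime.InteropServices;
using System.Text;
public static class TokenProbe {
    [DllImport("kernel32.dll", SetLastError = true)]
    public static extern IntPtr OpenProcess(uint access, bool inherit, int pid);
    [DllImport("kernel32.dll", SetLastError = true)]
    public static extern bool CloseHandle(IntPtr h);
    [DllImport("advapi32.dll", SetLastError = true)]
    public static extern bool OpenProcessToken(IntPtr proc, uint access, out IntPtr token);
    [DllImport("advapi32.dll", SetLastError = true)]
    public static extern bool IsTokenRestricted(IntPtr token);
    [DllImport("advapi32.dll", SetLastError = true)]
    public static extern bool GetTokenInformation(IntPtr token, int cls, IntPtr buf, int len, out int needed);
    [DllImport("advapi32.dll", SetLastError = true, CharSet = CharSet.Unicode)]
    public static extern bool LookupPrivilegeName(string system, ref long luid, StringBuilder name, ref int len);
}
"@

$PROCESS_QUERY_INFORMATION  = 0x0400   # documented Win32 access/class constants
$TOKEN_QUERY                = 0x0008
$TokenGroups                = 2        # TOKEN_INFORMATION_CLASS
$TokenPrivileges            = 3
$SE_GROUP_USE_FOR_DENY_ONLY = 0x10
$M = [Runtime.InteropServices.Marshal]

function Read-TokenInfo([IntPtr]$token, [int]$class) {
    # Two-call pattern: the first call sizes the buffer, the second fills it.
    $needed = 0
    [void][TokenProbe]::GetTokenInformation($token, $class, [IntPtr]::Zero, 0, [ref]$needed)
    $buf = $M::AllocHGlobal($needed)
    if (-not [TokenProbe]::GetTokenInformation($token, $class, $buf, $needed, [ref]$needed)) {
        $M::FreeHGlobal($buf); throw "GetTokenInformation($class) failed: $($M::GetLastWin32Error())"
    }
    return $buf
}

function Get-FirefoxTokenReport {
    $ptr = [IntPtr]::Size
    foreach ($p in (Get-Process firefox -ErrorAction SilentlyContinue)) {
        $h = [TokenProbe]::OpenProcess($PROCESS_QUERY_INFORMATION, $false, $p.Id)
        if ($h -eq [IntPtr]::Zero) { continue }
        $token = [IntPtr]::Zero
        if (-not [TokenProbe]::OpenProcessToken($h, $TOKEN_QUERY, [ref]$token)) {
            [void][TokenProbe]::CloseHandle($h); continue
        }

        # TOKEN_GROUPS: DWORD GroupCount, then SID_AND_ATTRIBUTES[] (pointer-aligned, two pointers wide)
        $groups = Read-TokenInfo $token $TokenGroups
        $count  = $M::ReadInt32($groups)
        $deny   = @()
        $entry  = [IntPtr]::Add($groups, $ptr)
        for ($i = 0; $i -lt $count; $i++) {
            $sid   = New-Object Security.Principal.SecurityIdentifier($M::ReadIntPtr($entry))
            $attrs = $M::ReadInt32($entry, $ptr)
            if ($attrs -band $SE_GROUP_USE_FOR_DENY_ONLY) {
                try { $deny += $sid.Translate([Security.Principal.NTAccount]).Value } catch { $deny += $sid.Value }
            }
            $entry = [IntPtr]::Add($entry, 2 * $ptr)
        }
        $M::FreeHGlobal($groups)

        # TOKEN_PRIVILEGES: DWORD PrivilegeCount, then LUID_AND_ATTRIBUTES[] (12 bytes each, 4-byte aligned)
        $privs  = Read-TokenInfo $token $TokenPrivileges
        $pcount = $M::ReadInt32($privs)
        $names  = @()
        for ($i = 0; $i -lt $pcount; $i++) {
            $luid = $M::ReadInt64($privs, 4 + 12 * $i)
            $sb = New-Object Text.StringBuilder 64; $len = $sb.Capacity
            if ([TokenProbe]::LookupPrivilegeName($null, [ref]$luid, $sb, [ref]$len)) { $names += $sb.ToString() }
        }
        $M::FreeHGlobal($privs)

        [pscustomobject]@{
            Pid        = $p.Id
            Restricted = [TokenProbe]::IsTokenRestricted($token)
            Privileges = $names
            DenyOnly   = $deny
        }
        [void][TokenProbe]::CloseHandle($token)
        [void][TokenProbe]::CloseHandle($h)
    }
}

Get-FirefoxTokenReport | Format-Table Pid, Restricted,
    @{n='Privileges'; e={ $_.Privileges.Count }},
    @{n='DenyOnly';   e={ $_.DenyOnly -join ', ' }}
```

Reading the output against Chromium's documented token levels: the parent process shows Restricted=False with the user's full privilege set; a content process launched with a USER_RESTRICTED_SAME_ACCESS lockdown token shows Restricted=True but keeps the same privileges and groups (hence "same access"); a USER_NON_ADMIN token is expected to show the privilege list cut down to little more than SeChangeNotifyPrivilege and BUILTIN\Administrators among the deny-only groups. Run the script as the same user that started Firefox, since opening another user's process token is not possible without elevation.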
Check out the Sandbox wiki entry on Mozilla which offers additional information about the sandbox implementation in Firefox.
The sandbox itself is controlled by the preference browser.tabs.remote.sandbox in about:config. You can only enable it if e10s is enabled as well.
According to Sören Hentzschel, there will be another preference that you can use to make the sandbox more strict on Windows. The preference's name is security.sandbox.windows.content.moreStrict and you need to set it to true and restart the browser.
What exactly it does is unclear at this point, so changing it is generally not recommended. It is also not yet listed as a preference in the latest version of Firefox Nightly.
Now You: What's your take on sandboxing in Firefox?