undefined | Better HN

0 pointsguappa1y ago0 comments

> there's no way for this to do damage outside the WASM sandbox

java applets promised a sandbox and then we had years of continuous vulnerabilities of escaping said sandbox.

0 comments

Java applets didn't sandbox shit though, because you could call straight into your own native code via JNI (I know because I used exactly that approach to integrate a Win32 game client into browsers). The only thing that the applet launcher did was asking if it is ok to run the applet.

guappaOP1y ago

You're probably thinking of microsoft java. I was talking about the proper java.

tomrittervg1y ago

This is true, but adding a sandboxing to browsers has been a huge part in driving up the difficulty/cost of browser exploits, and driving down the frequency of their use.

And also we'll pay for a bypass of the wasm sandbox. (Actually, looking at our table, I'm going to try and get the bountyamount upped...)

j / k navigate · click thread line to collapse