Hacker News new | past | comments | ask | show | jobs | submit login

In a general sense, I'd agree, but from the description in that article, it's interaction with native files or file dialogs. Even if you use Java, you're susceptible to this sort of bug, because your Java code calls into layer of C code to handle the native interaction.

Realistically, any browser is probably going to have a decent amount of unsafe code surrounding the native windowing, files, graphics, and so on.

Look at the patch; it's a use-after-free bug involving DOMArrayBuffer and ArrayBuffer, which are Chrome objects, not native OS objects.

Guidelines | FAQ | Support | API | Security | Lists | Bookmarklet | Legal | Apply to YC | Contact