Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

It’s not even about being targeted specifically. It’s about the complete loss of sandbox and safety guarantees. There is a lot of LHF here.


Why would the sandbox be lost? Can't webkit's normal sandbox still operate here?

This feature uses webkit2gtk [1] which is the base for multiple full web browsers [2] and supports webkit2's normal web process isolation [3]. Is the sandboxing disabled for some reason?

[1] https://emacs.stackexchange.com/questions/48670/the-status-o...

[2] https://wiki.archlinux.org/index.php/List_of_applications#We...

[3] https://webkitgtk.org/ & https://blogs.gnome.org/mcatanzaro/2016/02/01/on-webkit-secu...


LHF?


low-hanging fruit presumably.




Consider applying for YC's Winter 2026 batch! Applications are open till Nov 10

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: