I feel as though you overlooked the "every" word in my question. I appreciate you built once, that's a solid accomplishment. If I'm going to be riding your custom build, with your custom C++ changes that introduce their own RCE risk, I want to at least know I'm only vulnerable to your RCE and not your RCE plus the 'just disclosed' RCE for Chromium itself that was actually patched 3 weeks ago but that you didn't bother to track because you don't track Chromium release tags.
Yes, I'm acutely aware of exactly how much compute pulling off such a stunt requires; what I'm wondering is whether you are aware of exactly how much RCE risk you're running by squatting on someone else's C++ codebase that ships what feels like a vuln-a-week from one of the best funded security research teams in the world.
I think you raise a good point but also... how else would you propose to "fork Chrome"? This seems like the most reasonable approach?
You build from the release branches, yeah? So, right now that'd be the 7204 branch. https://chromiumdash.appspot.com/releases?platform=Mac