Comment by yjftsjthsd-h
6 hours ago
In mean... It kinda feels like this is legitimately true? An attacker trying to do anything on a user's machine through this would have to find a Firefox vulnerability and a vulnerability in the wasm runtime, which is such a high bar that I would actually feel remarkably safe running this thing. The only question is how performance works and whether there are any pain points using as a daily driver, but those feel likely to be a pretty minor point. Oh, and the usual caveat that an attacker can still compromise things inside the sandbox which does leave a certain amount of exposure (but if you run different things in different instances they're isolated).
This is true but also this is probably also only half true. Sandboxing is not a fully solved issue since this 100% degrades firefox sandboxing since fission cant run and its running in singleprocess mode. Just wanted to be honest about this
Unless you're running every origin in a different instance, I wouldn't use this as a daily driver, since a site would only need to find a renderer vuln to be able to read the rest of your cookies as multiprocess isolation is disabled here
Assuming you're running Firefox as the outer browser too, in theory it only needs a single bug in the wasm runtime, plus a sandbox escape.