Mozilla Beefs Up Browser Security with 'RLBox'

By John Lister

Mozilla has announced a rethink of a key technology used to make web users safer. The latest update to its Firefox browser improves the "sandboxing" approach.

One of the biggest security concerns with web browsers is that a single application (the browser) handles data from many different sites at once, each open in its own tab. That creates the risk that a malicious or compromised site could reach across and read data belonging to another site; for example, one tab might be displaying or transmitting emails, login details or financial information.

The way browsers tackle this risk is called sandboxing. The browser asks the operating system, such as Windows, to run web content in separate system processes, typically one per tab or per site, and then strips each of those processes of privileges it does not need, such as direct access to files on disk. A process is the operating system's basic unit of isolation: each one has its own memory, which other processes cannot read or write without the operating system's cooperation. Switching rapidly back and forth between processes is how a computer runs many applications at once without visible freezes or slowdowns.

In principle at least, that means each tab is handled as a completely separate task, with no memory shared between them, so a bug in the code handling one tab cannot be used to reach the data of another.

Shared Code a Problem

The main limitation of this approach is that much of the code every tab needs is not written by the browser maker at all, but comes from third-party "shared libraries". Examples include the libraries that parse and render fonts, turning a web page's code into what users actually see on their screen. (Source: sophos.com)

In theory a browser could give each of these shared libraries its own system process, or even a separate copy for each open tab. But every time a tab needed the library it would have to hand the data across to that process and wait for the answer, and all that switching back and forth would slow the browser down.

Instead, browsers load the library's code directly into the tab's own system process, where it runs with exactly the same privileges as the rest of that tab. That works fine until a malicious site feeds the library a specially crafted file, such as a font, that triggers a bug in it. Because the library is inside the tab's process, an attacker who exploits that bug takes control of the whole process, and the sandbox around that process is the only thing left between them and the rest of the system.

Code Restricted

Mozilla's new approach, dubbed RLBox, tries to find a way through this dilemma. Each tab still gets its own system process, and the library code is still loaded into that process. However, RLBox places restrictions on the imported code, almost like a sandbox within a sandbox. It does this by compiling the library to WebAssembly and then back into ordinary machine code, a step that adds safety checks to the library without requiring it to be rewritten.

Specifically, the library's reads and writes are confined to its own region of the process's memory, its code cannot jump to instructions outside the library, and anything it hands back to the browser is treated as untrusted and has to be checked before the browser uses it. A bug in the library can then corrupt the library's own data, but not the rest of the tab.
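To make the idea concrete, here is a small C++ illustration written for this article. It is not Mozilla's or RLBox's own code, and the names it uses (SandboxMemory, Tainted, Sandbox, lib_find_table, host_table_offset) are my own inventions. It models the two halves of the restriction described above: a library that can only touch its own bounds-checked memory, and a "tainted" wrapper that stops the browser from using the library's output until a verifier has checked it. The sample "files" are constructed stand-ins for a font, not real font data.

```cpp
#include <cstdint>
#include <optional>
#include <stdexcept>
#include <vector>

// Illustration of the RLBox idea, written for this article. The class and
// function names are hypothetical, not RLBox's real API.

// Thrown when sandboxed code touches memory outside its own region: the
// equivalent of the trap that RLBox's WebAssembly-derived checks produce.
struct SandboxTrap : std::runtime_error {
    SandboxTrap() : std::runtime_error("sandboxed library accessed memory out of bounds") {}
};

// The library's private memory. Every access is bounds-checked, so a bug in
// the library can scribble over this region but nothing else in the process.
class SandboxMemory {
public:
    explicit SandboxMemory(uint32_t size) : bytes_(size, 0) {}
    uint8_t load8(uint32_t off) const {
        if (off >= bytes_.size()) throw SandboxTrap{};
        return bytes_[off];
    }
    void store8(uint32_t off, uint8_t v) {
        if (off >= bytes_.size()) throw SandboxTrap{};
        bytes_[off] = v;
    }
    uint32_t size() const { return static_cast<uint32_t>(bytes_.size()); }
private:
    std::vector<uint8_t> bytes_;
};

// A value the sandbox produced. The host cannot read it directly; it must pass
// a verifier, which is where the security check lives and cannot be forgotten.
template <typename T>
class Tainted {
public:
    explicit Tainted(T v) : value_(v) {}
    template <typename Verifier>
    auto copy_and_verify(Verifier verify) const { return verify(value_); }
private:
    T value_;
};

// "Library" side: a deliberately naive parser standing in for a font decoder.
// It trusts the 4-byte little-endian table offset in the file header and never
// checks it against the file length. That is the kind of bug RLBox contains:
// here it can only trap, never read the browser's own memory.
uint32_t lib_find_table(const SandboxMemory& mem, uint32_t file_off) {
    uint32_t table = 0;
    for (uint32_t i = 0; i < 4; ++i)
        table |= static_cast<uint32_t>(mem.load8(file_off + i)) << (8 * i);
    (void)mem.load8(file_off + table);  // the library "uses" the offset it found
    return table;
}

// Host (browser) side.
class Sandbox {
public:
    explicit Sandbox(uint32_t size) : mem_(size) {}
    // Copies untrusted input into the sandbox; returns its offset there.
    std::optional<uint32_t> copy_in(const std::vector<uint8_t>& data) {
        if (data.size() > mem_.size()) return std::nullopt;
        for (uint32_t i = 0; i < data.size(); ++i) mem_.store8(i, data[i]);
        return 0;
    }
    // Runs the library; a trap becomes a failed result rather than a crash.
    std::optional<Tainted<uint32_t>> invoke_find_table(uint32_t file_off) {
        try {
            return Tainted<uint32_t>(lib_find_table(mem_, file_off));
        } catch (const SandboxTrap&) {
            return std::nullopt;
        }
    }
private:
    SandboxMemory mem_;
};

// Returns the table offset for a well-formed file, and nothing otherwise.
std::optional<uint32_t> host_table_offset(const std::vector<uint8_t>& file) {
    Sandbox sb(4096);
    auto off = sb.copy_in(file);
    if (!off) return std::nullopt;
    auto tainted = sb.invoke_find_table(*off);
    if (!tainted) return std::nullopt;
    // The verifier is the host's contract: the offset must point inside the
    // file it came from, so the browser never indexes its own memory with a
    // number the library (and therefore the attacker's file) chose.
    return tainted->copy_and_verify([&](uint32_t t) -> std::optional<uint32_t> {
        if (t < 4 || t >= file.size()) return std::nullopt;
        return t;
    });
}
```

Feeding a well-formed file through host_table_offset yields its table offset; a file whose header points past its own end is rejected by the verifier, and a file whose header points past the sandbox memory makes the library trap, which the host sees as a failure rather than a crash. Note that the bounds checks in SandboxMemory only stand in for the checks RLBox gets from the WebAssembly toolchain; the point of the example is the discipline at the boundary, not the mechanism that enforces it.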

While Mozilla is satisfied the approach works, rolling it out may be a lengthy process. It won't suit every library: the added checks cost performance, so Mozilla will decide library by library which ones can be restricted this way without an unacceptable slowdown. (Source: mozilla.org)

What's Your Opinion?

Do you give much thought to browser security? Were you aware of the sandboxing approach? Do you give any thought to having multiple tabs open at once?
