Hi! With this change <https://chromium.googlesource.com/v8/v8.git/+/a8c27fcc9f9f15a0110a409190a2b514ec86e37f> we are enabling the V8 Sandbox <https://docs.google.com/document/d/1FM4fQmIhEqPG8uGp5o9A-mnPB5BOeScZYpkHjo0KKA8/edit?usp=sharing> by default when building V8 using gn. The sandbox has already been enabled in Chromium for some time now, and this change (again) makes standalone V8 builds reflect the configuration that is shipping in Chromium.

Some things to note: The sandbox should *not* yet be considered a strong security boundary (more details in an upcoming blog post). Further, the sandbox can only provide security benefits in cases where untrusted JavaScript is being executed by V8 (such as is the case in Chromium). It has no effect when the JavaScript code is considered trusted. Finally, to operate securely, the sandbox also needs cooperation from the Embedder, such as a special ArrayBufferAllocator (see e.g. this allocator <https://source.chromium.org/chromium/chromium/src/+/main:gin/array_buffer.h;l=22;drc=468e51b677c56f6a9ac53f08560411faa5d9f07b> for an example) and likely other things in the future.

To disable the sandbox, the `v8_enable_sandbox=false` gn flag can be used.

Cheers!
Samuel

--
v8-users mailing list
v8-users@googlegroups.com
http://groups.google.com/group/v8-users