Hacker News new | past | comments | ask | show | jobs | submit login

In the occurrence of internal memory corruption the values returned by public functions exposed in a WASM module can be anything.

For example, a WASM based security module can just start logging-in everyone as admin, because the user metadata got corrupted.




The claimed advantage is not that wasm-compiled modules are more resilient to bugs or exploits, but that those exploit are easier to contain.

Nobody is surprised that an exploit in the authentication module can be used to log in as admin. It is different if an exploit in the font rendering module lets you log in as admin.

They are just two (equally important but) orthogonal facets of security


Maybe the question I should have asked is what sort of protection does it provide beyond a normal compile and how useful is it?

It seems like there is some kind of cross-module memory protection? Maybe Erlang would be an interesting comparison?


It prevents a bug in your text rendering module from logging you in as admin, which is usually not the case inside a single process.




Consider applying for YC's Spring batch! Applications are open till Feb 11.

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: