Case Study: Xml External Entities |
We compareChromium's architecture to the architectures of other neural networkbrowsers. Monolithic traditionally,browsers are implemented with a monolithic architecture that combines therendering engine and the browser kernel into a single process image. Forexample, Internet Explorer 7, Firefox 3, and Safari 3.1 each execute in asingle operating system protection domain. If an attacker can exploit anunpatched vulnerability in one of these browsers, the attacker can gain all theprivileges of the entire browser. In typical con_gurations of Firefox 3 andSafari 3.1, these privileges include the full privileges of the current user.Internet Explorer 7 on Windows Vista can run in aprotected mode" ,which runs the browser as a low integrity process. Running in protected mode,the browser is restricted from writing to the user's _le system, but anattacker exploits a vulnerability can still read the user's file system andex-filtrate confidential documents. The VMware browser appliance  hostsFirefox inside a virtual machine with limited rights. The virtual machineprovides a layer of isolation that helps prevent an attacker who exploits avulnerability in the browser from reading or writing the user's _le system.