MultiboxLabs/flow-browser

Security concerns with electron

Opened this issue · 3 comments

I remember theo saying one of his concerns with making a browser with electron was the fact that it doesn't have sandboxing built in. How does flow handle sandboxing? Also, does it properly unload tabs and do all the memory management magic? It's chromium but based on electron, which just raises red flags for me.

Overall I love the mission though! Looks super cool.

yeah this concerns me as well, would be great if the devs can make it clear in the docs or something like that

although, looking at electron docs, it says sandbox is enabled by default now - not sure if that's what theo meant, haven't looked deeply myself so i can't really confirm anything

https://www.electronjs.org/docs/latest/tutorial/sandbox

Sandbox

Sandbox is enabled for all the webpages, as of all the security precautions have been taken. The only thing websites can access is the flow global variable, which is also heavily secured and most APIs are disabled. Rest assured, they have no access to the electron environment.

Tabs

I have been experimenting a lot with tabs and created a custom tab system. Currently, tabs are unloaded by navigating to about:blank?sleep=true. However, this method still consumes a bit of memory.

I am currently rewriting the tab system to make sure that the webview is entirely disposed of when the tab is asleep.

Memory Usage

Memory usage should be managed by Chromium itself, which means that websites should use a similar amount of memory to normal Chromium browsers.


If you have any more concerns, feel free to ask here!

Thanks for the information! I haven't dug too much into it, so I thought I'd ask here. Happy to hear that it's fully safe.

I also tried out Flow last night, and it seemed like a good concept, but I'll let you cook for a bit longer.

For anyone else reading this thread, I dug through the code a bit, and it seems Evan did implement all the security recommendations from this docs article.
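
For readers who want to check the settings discussed in this thread themselves, here is an added example (not part of the thread and not Flow's code) that audits an Electron webPreferences object for options that weaken renderer isolation. The option names are Electron's documented webPreferences keys; the sample objects are constructed, and the defaults assume Electron 20 or later, where the sandbox is on unless nodeIntegration: true or sandbox: false is set.

```javascript
// Added example: audit Electron webPreferences for weakened renderer isolation.
// Assumption: defaults are those of Electron 20 or later.
const RULES = [
  // [option, safe value, default when unset, risk when not safe]
  ["sandbox", true, true, "renderer is not confined by the Chromium OS-level sandbox"],
  ["contextIsolation", true, true, "page scripts share a JS context with the preload script"],
  ["nodeIntegration", false, false, "page scripts can reach Node.js APIs"],
  ["nodeIntegrationInWorker", false, false, "web workers can reach Node.js APIs"],
  ["webSecurity", true, true, "same-origin policy is switched off"],
  ["allowRunningInsecureContent", false, false, "HTTPS pages may run content loaded over HTTP"],
  ["webviewTag", false, false, "pages can create <webview> guest contents"],
];

// Resolve what the renderer actually gets once defaults are applied.
function effectivePrefs(prefs = {}) {
  const eff = {};
  for (const [option, , dflt] of RULES) {
    eff[option] = option in prefs ? prefs[option] : dflt;
  }
  // The default sandbox is lost when Node.js integration is turned on,
  // even if the config never mentions `sandbox`.
  if (!("sandbox" in prefs) && eff.nodeIntegration === true) eff.sandbox = false;
  return eff;
}

// Return one finding per option whose effective value is not the safe one.
function auditWebPreferences(prefs = {}) {
  const eff = effectivePrefs(prefs);
  return RULES
    .filter(([option, safe]) => eff[option] !== safe)
    .map(([option, , , risk]) => ({ option, value: eff[option], risk }));
}

// Constructed sample configurations (not taken from any real project).
const hardened = { sandbox: true, contextIsolation: true, nodeIntegration: false };
const legacy = { nodeIntegration: true, contextIsolation: false, webviewTag: true };

for (const [name, prefs] of Object.entries({ hardened, legacy })) {
  const findings = auditWebPreferences(prefs);
  console.log(`${name}: ${findings.length} finding(s)`);
  for (const f of findings) console.log(`  ${f.option}=${f.value}: ${f.risk}`);
}
```

The legacy sample is reported for sandbox even though it never sets that key, because enabling nodeIntegration removes the default sandbox.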