May 12, 2011 17:09 GMT

Google engineers are planning to move the entire Chrome browser to Native Client (NaCl), a new and more powerful sandboxing technology that is currently being developed by the company.

Google Chrome is already being revered as the most secure browser due to the sandbox that separates its rendering processes from the rest of the operating system.

In its current form, the browser's components that handle Web code parsing access Windows APIs through a tightly controlled brokering process.

The idea is that it's easier to keep a smaller component, like the broker, vulnerability-free than the millions of lines of code that handle rendering and parsing.

Even so, any code will sooner or later have vulnerabilities, and French vulnerability research outfit VUPEN recently announced finding one that allows breaking out of the Chrome sandbox and executing code on the underlying system.

Creating a successful attack against the Chrome sandbox requires a lot of work by very talented programmers specialized in exploit writing, so such attacks are unlikely to be seen in the wild on a mass scale.

But Google is not satisfied with this and wants to make it even harder for attackers to exploit its browser. At the Google I/O developer conference this week, the company announced plans to port the entire browser to Native Client.

Native Client is a sandboxing technology developed at Google, which, in addition to the process brokering method, leverages the segmentation facility of the x86 architecture to restrict the memory segments available to the sandbox.

NaCl is still in development, so porting the entire browser to it is a long-term project. However, the Chrome engineers will begin this year with the native PDF plug-in and gradually continue with the other components.

"We want to move more and more of Chrome to Native Client. Over time we want to move the entire browser in Native Client," Linus Upson, vice president of engineering for Chrome, told CNET.