[webkit-dev] On adding 'console.memory' API (and about the whole 'console' object.)

Mikhail Naganov mnaganov at chromium.org
Wed Jun 2 14:45:41 PDT 2010


Used memory count can be restricted to include only objects reachable
from the caller execution context. In this case, an app could only see
the amount of memory consumed by itself, not by the whole engine.

Another option, as Sam proposed before, is to expose things like
console.profiles and console.memory only when a browser is launched in
"developer" mode. Although, this still opens the way to unintentional
information disclosure when a developer forgets that she is running
the browser in this mode.

On Wed, Jun 2, 2010 at 23:06, Adam Barth <abarth at webkit.org> wrote:
> I haven't looked into the details, but, in general, side channel
> information is a rich area for unintentional disclosure.  For example,
> timing information leaks a ton of information.
>
> Here's a recent paper that shows a bunch of stuff you can use from the
> sizes of things.  In this case, they're looking at the size on the
> wire, but you could imagine something similar for in-memory size:
>
> http://oakland31.cs.virginia.edu/slides/sidechannel.pdf
>
> Adam
>
>
> On Wed, Jun 2, 2010 at 11:52 AM, Sam Weinig <sam.weinig at gmail.com> wrote:
>> Now that I have had a little time to think about it, I think my biggest
>> concern with this type of API is the unintentional ability for an attacker
>> to gain information from the engine consuming specific amounts of memory.
>>  Let's take the visited link history stealing attack as an example.  Even
>> though you can no longer use getComputedStyle() directly to gain information
>> as to whether a link was visited or not, if the engine allocated subtly
>> different amounts of memory depending on whether the link was visited or
>> not, an attacker could detect this and gain that information.
>> Adam (and other web security people), am I being overly paranoid about this?
>> -Sam
>>
>> On Fri, May 28, 2010 at 10:56 AM, Mikhail Naganov <mnaganov at chromium.org>
>> wrote:
>>>
>>> Greetings, WebKit developers,
>>>
>>> As a response to requests from web apps developers, I intended to
>>> add a simple API for accessing web app's memory consumption, see
>>> https://bugs.webkit.org/show_bug.cgi?id=39646
>>>
>>> The scenario of using this API is as follows:
>>>  - a buildbot runs web app's common usage scenarios tests;
>>>  - inside tests, memory usage is recorded via the API proposed;
>>>  - the results are sent to a server (using XHR or a CGI request);
>>>  - server plots nice graphs of memory usage status, bound to the
>>> changes made to the web app;
>>>  - thus, if someone does a change that blows up memory usage,
>>> developers will notice.
>>>
>>> As Sam points out, this change may be fine, but he suggests making it
>>> accessible only when a browser runs in a special "developer" mode.
>>> This can also be applied to the whole 'console' object.
>>>
>>> Please, share your thoughts on this.
>>
>>
>
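As an added illustration, not code from this thread or from WebKit, the following JavaScript models the two mitigations discussed above for a console.memory-style accessor: counting only memory reachable from the caller's own execution context, and exposing the accessor only when a hypothetical "developer mode" flag is set. The rounding of the reported value to a coarse granularity is an extra hardening step assumed here, not something the thread proposes. EngineModel, its context labels and all allocation sizes are constructed for the demonstration.

```javascript
// Added example (not WebKit code): a toy model of a gated, per-context,
// coarsened console.memory accessor. Everything below is constructed.

const GRANULARITY_BYTES = 1024 * 1024; // assumption: report whole MiB only

// Tiny stand-in for the engine: each allocation is tagged with the
// execution context that owns it, so "memory reachable from the caller"
// can be computed by filtering on that tag. Real engines attribute memory
// differently; this is only a model of the accounting rule.
class EngineModel {
  constructor({ developerMode = false } = {}) {
    this.developerMode = developerMode; // hypothetical developer-mode flag
    this.allocations = [];              // entries of the form { owner, bytes }
  }

  allocate(owner, bytes) {
    this.allocations.push({ owner, bytes });
  }

  // Exact bytes owned by `owner`. Allocations of other contexts and of the
  // engine itself are never included, so a page cannot observe them.
  usedBy(owner) {
    return this.allocations
      .filter((a) => a.owner === owner)
      .reduce((sum, a) => sum + a.bytes, 0);
  }

  // The accessor as seen from page script.
  // - undefined when developer mode is off: the API is simply not exposed.
  // - otherwise the caller's own usage, rounded down to GRANULARITY_BYTES.
  consoleMemory(callerContext) {
    if (!this.developerMode) return undefined;
    const exact = this.usedBy(callerContext);
    return Math.floor(exact / GRANULARITY_BYTES) * GRANULARITY_BYTES;
  }
}

// Other contexts' memory is invisible: only the caller's 3 MiB is reported.
function demoIsolation() {
  const engine = new EngineModel({ developerMode: true });
  engine.allocate('app', 3 * GRANULARITY_BYTES);
  engine.allocate('other-origin', 7 * GRANULARITY_BYTES);
  engine.allocate('engine-internal', 40 * GRANULARITY_BYTES);
  return engine.consoleMemory('app');
}

// A small, data-dependent allocation (a few hundred bytes) does not change
// the coarse reading, so it cannot be told apart from the baseline.
function demoCoarsening() {
  const engine = new EngineModel({ developerMode: true });
  engine.allocate('app', 5 * GRANULARITY_BYTES + 100);
  const before = engine.consoleMemory('app');
  engine.allocate('app', 300);
  const after = engine.consoleMemory('app');
  return before === after;
}

// With developer mode off the accessor yields nothing at all.
function demoGate() {
  const engine = new EngineModel({ developerMode: false });
  engine.allocate('app', 5 * GRANULARITY_BYTES);
  return engine.consoleMemory('app') === undefined;
}
```

The per-context accounting and the developer-mode gate are the primary controls here; rounding only raises the cost of observing small differences, since script can still pad its own allocations toward a granularity boundary, so it should be treated as defence in depth rather than as a substitute for the other two.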

