[webkit-dev] Out-of-process networking and potential for sharing memory cache (was Re: Feature Announcement: Moving HTML Parser off the Main Thread)
abarth at webkit.org
Sun Jan 20 13:44:58 PST 2013
On Sun, Jan 20, 2013 at 1:30 PM, Oliver Hunt <oliver at apple.com> wrote:
>>> I take your word for it that it's not possible on Windows.
>> Given that Chromium has many users on Windows (and other non-Mac
>> platforms), you should now understand why this design does not fit
>> well with Chromium's design constraints.
> But chromium doesn't use webkit or webkit2, so i'm not entirely sure why webkit2 design decisions should consider chromium's (pre-wk2) design decisions.
The reason discussed earlier in this thread is because they have
implications for how the loader works in WebCore. In particular,
folks working on the NetworkProcess have been shoehorning it into
WebCore by adding numerous #ifdefs throughout WebCore. Are you
offerring to implement the NetworkProcess without adding a bunch of
WebKit2-specific #ifdefs to WebCore?
> One thing that I'm unclear on is how having a distinct network process can possibly be less secure than a single thread in _any_ circumstance. Fundamentally any sandbox model that allows a single thread to be sandboxed, can just sandbox the main appropriate threads in the separate networking process, vice versa is not true however.
According to Maciej, one of the motivations for having a
NetworkProcess is that it can be sandboxed more tightly on Mac OS X.
Unfortunately, the NetworkProcess, as currently designed, cannot be
sandboxed on other platforms, such as Windows. That's why the current
design is not a good fit for other platforms.
To be clear, I think it's fine if you want to use a Mac OS X-centric
design for WebKit2. However, you shouldn't be surprised later when
other ports that run on more platforms don't want to adopt your
designs. Moreover, if sometime in the future, I want to implement a
Chromium-centric design that involves adding a bunch of #ifdefs to
WebCore, I expect that you won't mind not having input either.
More information about the webkit-dev