Date: Fri, 15 Jul 2016 14:57:44 +0300 From: Arto Pekkanen <isoa@kapsi.fi> To: Baptiste Daroussin <bapt@freebsd.org> Cc: Matthew Macy <mmacy@nextbsd.org>, chromium <chromium@freebsd.org> Subject: Re: Chromium sandboxing on FreeBSD Message-ID: <a773d3eb29b795a3bc072e9730be233b@kapsi.fi> In-Reply-To: <20160709195235.rrfflo3tsho7by76@ivaldir.etoilebsd.net> References: <155d0f236ad.c11b2673215986.622076744465197484@nextbsd.org> <20160709195235.rrfflo3tsho7by76@ivaldir.etoilebsd.net>
next in thread | previous in thread | raw e-mail | index | archive | help
The lack of co-operation from Chromium upstream might also explain why Chromium is so unstable on FreeBSD. I mean, I get frequent tab crashes, and kickstarter.com crashes the browser altogether. If the issues with Chromium are to be resolved, we need people from upstream to take part in squashing the bugs on the FreeBSD version of Chromium. PRs have been filed regarding instability, but thus far there's been no fix. Firefox is also pretty bad, it slows down to a crawl after using it for a few hours. The other browsers are also either unstable or barely usable. I tried Epiphany a few days ago, and it seems to get stuck frequently. Not sure if the problem is in Webkit2. I'd like to profile Firefox regarding the slowdown issue, but profiling doesn't work on FreeBSD. The current version of Firefox should have a profiler function built in, usable via Developer Tools menu, but it is simply not there. Maybe I'll file a PR about this ... Baptiste Daroussin kirjoitti 09.07.2016 22:52: > On Sat, Jul 09, 2016 at 11:36:22AM -0700, Matthew Macy wrote: >> >> How much of Chromium's sandboxing code actually works on FreeBSD? On >> Linux it relies in part on user namespaces which appear to be a much >> more modular equivalent of jails usable by unprivileged processes. > > People working on chromium (now, I'm not anymore) would know better but > Google > sponsored capsicum development for sanboxing chromium, there are lots > of > talks/papers available out there explaining that. But on the otherside > upstream > never accepted (or almost never accepted) our patches to run on freebsd > resulting in the current ports as now contain 395 patches to run there. > So the > capsicum patches were never integrated neither upstream neither on > freebsd... > btw big thanks to the people working on keeping chromium working on > FreeBSD > given how unfriendly upstream is... > > Google chrome team is not friendly to projects which are not Linux, > Windows or > Mac OS. > > Best regards, > Bapt -- Arto Pekkanen
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?a773d3eb29b795a3bc072e9730be233b>