Firefox finally gets sandboxing again to improve security, stability and performance

Mozilla has decided to add sandbox technology to Firefox again. This should improve security, stability and performance of the browser. Firefox is currently the only large browser that doesn’t feature sandbox technology.

FirefoxLogo

Sandboxing is considered an important security measure because it can prevent an exploit to abuse a vulnerability that provides direct access to the entire system. Last year Mozilla revived its Electrolysis (e10s) project. Thanks to this, Firefox uses multiple processes for the browser instead of a single one. This has multiple benefits, such as the fact that a single tab can’t crash the entire browser. Using multiple processes also makes it possible to separate processes for sandboxes for web content and performance should increase because multiple processes can use multiple cores.

Users might worry that sandboxes increase the memory usage of the browser, but according to Mozilla this isn’t the case. While multiple processes have a larger memory footprint, the impact should be limited, a recent test version shows a memory usage increase of 10-20%. However, according to Mozilla, this is still half the memory consumption of Google Chrome on the same page.

When the sandbox ends up in a final version of Firefox is unknown. “The move to multi-process is an investment in the future: we’re paying down technical debt and redesigning Firefox’s architecture at a fundamental level. Like any change of this magnitude, there are associated challenges”, according to Mozilla’s developer Dan Callahan. One challenge will be required changes to many add-ons.

Users that want to test the sandbox technology in Firefox can download Firefox Developers Edition.