Why no (se)L4 microkernel/hypervisor based browser?
9 points by iloveappleman 2 days ago
For example, Microsoft's Gazelle and Illinois Browser OS build their browsers based on a secure kernel, so why no (se)L4 microkernel/hypervisor based browser? I haven't even seen the idea. Besides, there is only old information about secure kernel/OS-based browsers in the first place, and nothing current and up-to-date. Perhaps it has failed?
I thought the IBOS kernel leveraged L4 (Pistachio?)
I believe generally the push has been to better use the isolation feature in existing operating system environments - such as having separate processes for rendering and javascript execution per origin which also have unique sandboxed storage. From a platform vendor as browser vendor perspective, building what amounts to a new operating system running at the hypervisor layer is a huge effort that amounts to them now having one more internal OS to secure.
So I would instead expect this to be more of a research platform task, like perhaps something you would see on Genode.