This separation is also good for the user’s experience. This makes exploiting the browser much harder, as in most cases you will have to chain multiple vulnerabilities in order to gain control of the whole browser Also, different types of processes have different privileges. Different sites will run in different renderers who have different processes. In Chromium, a renderer doesn’t run in the main browser’s process. It’s harder to isolate threads, so the browser leverages operating system’s features and isolates processes. If we run all of our code in the same process, exploiting one part can lead to code execution all over the browser. But why are they all needed?įirst of all, for security reasons. One of the most commonly known facts about Chromium based browsers is that they have lots of processes. There are other types of plugins supported, we will cover some of them later on. In Chromium, extensions run in their own process. They allow adding capabilities to the web platform by third parties.
Built mostly with web technologies such as HTML, CSS, JavaScript, etc.
Some APIs are exposed globally across the browser, some are limited to specific components (e.g.