Firefox takes the next step towards rolling out multi-process to everyone | Ars Technica

Firefox takes the next step towards rolling out multi-process to everyone | Ars Technica

With Firefox 50, Mozilla has rolled out the first major piece of its new multi-process architecture. Firefox 50 is also Firefox’s current stable release.

Edge, Internet Explorer, Chrome, and Safari all have a multiple process design that separates their rendering engine—the part of the browser that reads and interprets HTML, CSS, and JavaScript—from the browser frame. They do this for stability reasons (if the rendering process crashes, it doesn’t kill the entire browser) and security reasons (the rendering process can be run in a low-privilege sandbox, so exploitable flaws in the rendering engine are harder to take advantage of).

Moreover, these browsers can all create multiple rendering engine processes and use different processes for different tabs. This means that the scope of a crash is narrowed even further, typically to a single tab. Internet Explorer and Chrome both implemented this long ago, in 2009.

Firefox, however, has not offered a similar design. Although work on a multi-process browser was started in 2009, under the codename Electrolysis, that work was suspended between 2011 and 2013 as priorities within the organization shifted. Bringing this architecture to Firefox was particularly complicated due to the diversity of extensions the browser supported and the way those extensions could invasively access and manipulate the rendering engine. Firefox was simply never designed to work this way.

In response, Mozilla started switching to a new extension system in 2015 that opened the door to a multi-process design.

The first stage of Firefox’s move to multi-process involves separating the browser shell from a single rendering process that’s used by every tab. In Firefox 48, that feature was enabled for a small number of users who used no extensions. Firefox 49 was rolled out to include users running a limited selection of extensions. Now, in Firefox 50, a separate renderer process is used for most users and most extensions. Developers are now able to mark their extensions as explicitly multi-process compatible. Firefox 51 will extend this even further to cover all extensions, except those that are explicitly marked as incompatible.

Mozilla says that, even with the limited changes made in Firefox 50, responsiveness of the browser has improved by 400 percent due to the separation between the renderer and the browser shell. During page loads, responsiveness will increase to 700 percent.

But Mozilla has more to do to meet parity with the other browsers. Firefox 50 for Windows, specifically, includes Mozilla’s first iteration of a sandbox for the rendering process. This should make using browser flaws to compromise a system more difficult. Future releases will make this sandbox a more restricted, harder-to-escape environment. Those releases will also offer the sandbox on macOS and Linux. Nightly builds of Firefox include the first pieces of work to create multiple renderer processes, which ought to provide the tab isolation enjoyed by users of other browsers.

This upgrade been a long time coming, but when both of these pieces of work are complete, Firefox will, at last, offer the same kind of design and protection as the other major browsers.

http://arstechnica.com/information-technology/2016/12/firefox-takes-the-next-step-towards-rolling-out-multi-process-to-everyone/

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s