Firefox 95 Ready With RLBox Sandboxing Across All Platforms

Written by Michael Larabel in Mozilla on 6 December 2021 at 08:00 AM EST. 37 Comments
MOZILLA
Mozilla Firefox 95.0 is now available for download ahead of its official release tomorrow. Making this new version interesting is the RLBox integration.

Across all platforms the Mozilla Firefox 95.0 web browser is now using RLBox to protect against security vulnerabilities within third-party libraries.

RLBox is designed to sandbox third-party libraries and is made up of a WebAssembly-based sandbox and an API for retrofitting existing application code within the sandboxed library. RLBox will isolate the memory of the sandboxed library from that of the application/Firefox, among other security benefits.


RLBox


RLBox is explained in more detail via the documentation on GitHub. There is also this blog post on Mozilla Hacks outlining this WASM-based sandboxing effort. (Update: Mozilla also has out now another blog post on this RLBox sandboxing tech.)

This RLBox WebAssembly sandboxing code isn't specific to Mozilla/Firefox but can also be used by other arbitrary applications. RLBox was originally designed by researchers from UC San Diego as well as University of Texas at Austin and Stanford University. Over the past year and a half Mozilla has been working to incorporate RLBox into Firefox and now for Firefox 95.0 it's reached the milestone of being used across platforms for fending off issues caused by third-party libraries.

Firefox 95 also now supports the "inputmode" global attribute across all platforms (previously it was only Android), the CSS cursor property is now supported on Android, and a CPU usage reduction by avoiding always posting an NSEvent to the event loop every-time a non-native event is ran. That CPU usage reduction should also help in battery life besides being a win by itself.


While awaiting the official announcement, Firefox 95 can be downloaded from Mozilla.org.
37 Comments
Related News
Mozilla Firefox Switches To .tar.xz For Linux Packaging
Firefox 132 Ready With Certificate Compression, Accelerated SVG Filter Primitives
Servo Browser Adds Android Downloads, Improved Tabbing & More
Firefox 131 Released With Tab Preview & CHIPS Support
Servo Browser Engine Restores Firefox Devtools Support
Mozilla Is Interested In A Rust JPEG-XL Decoder For Firefox & Google Might Develop It
About The Author
Michael Larabel

Michael Larabel is the principal author of Phoronix.com and founded the site in 2004 with a focus on enriching the Linux hardware experience. Michael has written more than 20,000 articles covering the state of Linux hardware support, Linux performance, graphics drivers, and other topics. Michael is also the lead developer of the Phoronix Test Suite, Phoromatic, and OpenBenchmarking.org automated benchmarking software. He can be followed via Twitter, LinkedIn, or contacted via MichaelLarabel.com.

Popular News This Week
OpenWrt Affected By Security Issue That Could Have Led To Compromised Build Artifacts
How AMD Is Taking Standard C/C++ Code To Run Directly On GPUs
Linux EFI Zboot Abandoning "Compression Library Museum", Focusing On Gzip & Zstd
Ptyxis Becomes Ubuntu's Recommended Replacement To GNOME Terminal
GNU Shepherd 1.0 Service Manager Released As "Solid Tool" Alternative To systemd
KDE Starts December By Landing A Number Of New Features
NTSYNC Linux Patches Revived To Help Boost Steam Play Gaming Performance
Rust-Based, Memory-Safe PNG Decoders "Vastly Outperform" C-Based PNG Libraries