Gecko vs Goanna for Thunderbird Independence
ben.bucksch at beonex.com
Mon Apr 17 14:12:14 UTC 2017
Gervase Markham wrote on 17.04.2017 16:03:
> On 13/04/17 23:11, Ben Bucksch wrote:
>> there were no less than 250 known critical *1 security holes and 600
>> memory corruption bugs that might be exploitable. One critical security
>> is already a very serious risk.
> How many of those are exploitable if JS is switched off?
I've recently looked through the list, and about 50-60% are dependent on
JS, another 15-20% are in the video/audio decoders (HTML5 <video>), but
a good part, maybe 1/3 or so, are in other code parts and Thunderbird
without JS and without video would still be vulnerable.
Worse yet, the above numbers do not count memory corruption bugs (i.e.
buffer overflows, use-after-free and similar serious badness) that are
potentially exploitable, and could also affect Thunderbird. There are so
many of them, usually about 10-20 per 6-week release cycle, that we
don't have more information about them, but they are still potentially
So, the answer is much worse than I thought: Turning off JS and video
helps a lot, but even if they are turned off, that still leaves a huge
amount of security holes. We have a lot of low level holes, unfortunately.
More information about the tb-planning