Chrome is working towards something like this with Site Isolation, and it’s a good idea. Unfortunately it’s not a complete defense.
First, web pages can load cross origin resources, and that may be enough to get data or a cookie into the attacker’s web process. Second, some risks of this attack (e.g. ASLR bypass) don’t require any data from another origin to be in process to be dangerous.
I know nothing about web technologies, but maybe this is something we should stop doing, at least for any executable resource? This would prevent JS ads I guess, so win/win?
> Second, some risks of this attack (e.g. ASLR bypass) don’t require any data from another origin to be in process to be dangerous.
> > web pages can load cross origin resources
> I know nothing about web technologies, but maybe this is something we should stop doing, at least for any executable resource? This would prevent JS ads I guess, so win/win?
It's arguably a flaw in the design of the web that loading cross-origin resources is allowed by default. Unfortunately, there isn't a great path to changing this. We may be able to allow websites to opt out of having their resources loaded cross-origin, maybe (similar to X-Frame-Options but for resource types other than frames).
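An added illustration, not part of the thread: a minimal model of the opt-out the comment above proposes, written as the decision a browser would make before letting a subresource response reach the requesting page's process. The header name and values follow the Cross-Origin-Resource-Policy header browsers later shipped for exactly this purpose; the same-site rule is a simplification (last two host labels) where real browsers use the Public Suffix List.

```python
from urllib.parse import urlsplit

# Model of a resource-level opt-out header (a "X-Frame-Options for other
# resource types", as the comment puts it). Policy values mirror
# Cross-Origin-Resource-Policy: "same-origin", "same-site", "cross-origin".
# No header (None) keeps today's default: any page may load the resource.

DEFAULT_PORTS = {"http": 80, "https": 443}


def origin_of(url):
    """(scheme, host, port) tuple; default port filled in when absent."""
    p = urlsplit(url)
    port = p.port or DEFAULT_PORTS.get(p.scheme)
    return (p.scheme, p.hostname, port)


def site_of(url):
    """Simplified registrable-domain site: scheme plus the last two labels.
    Real browsers consult the Public Suffix List here (constructed simplification)."""
    scheme, host, _ = origin_of(url)
    labels = host.split(".")
    return (scheme, ".".join(labels[-2:]))


def is_load_allowed(requesting_page, resource_url, policy):
    """Return True if a page at requesting_page may embed resource_url as a
    subresource given the resource's opt-out policy header value.
    An absent or unrecognised header falls back to the permissive default,
    so the check only ever narrows what is allowed, never widens it."""
    if policy is None or policy == "cross-origin":
        return True
    if policy == "same-origin":
        return origin_of(requesting_page) == origin_of(resource_url)
    if policy == "same-site":
        return site_of(requesting_page) == site_of(resource_url)
    # Unknown value: ignore the header rather than guess at its intent.
    return True
```

With the check in place a cross-origin page's fetch of an opted-out resource is refused before the bytes enter that page's renderer process, which is the gap in process isolation the thread is discussing.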