Some of us are working on both V8 and Chromium. If you find security-related bugs in V8, reporting to Chrome is probably better than announce it here publicly.
On Sat, Sep 6, 2008 at 10:24 AM, <[EMAIL PROTECTED]> wrote: > > I've never been too concerned about developing with Beta releases. I > give it a second thought if something of high-visibility is about to > be released, but, I mean, code is perfect until it isn't, right? > Security never comes as an afterthought "second pass" in any serious > project. > > But there have been an awful lot of Chrome-related entries on Milw0rm > recently. Most of them are inert DoS "exploits," but there was > recently a pretty high profile buffer overflow, and it really got me > thinking. > > I completely understand that the capacity it takes to develop an, in > many ways, unprecedented best-in-its-field virtual machine is quite > different from the capacity needed to write a UI around a couple OSS > libraries. But, to be frank, do I have anything to worry about? Are > you guys all similarly involved with Chrome development, or is there a > strictly "v8-only" team responsible for this project? > > > --~--~---------~--~----~------------~-------~--~----~ v8-users mailing list [email protected] http://groups.google.com/group/v8-users -~----------~----~----~----~------~----~------~--~---
