All browsers have been developed on the wrong footing where security is concerned. Plug-in developers should not have to worry about the security of their add-ons and extensions even if they were being hacked. All browser design until now has been wrong, wait for the Opus Palladianum browser: http://www.eweek.com/c/a/Security/Is-There-Room-for-a-Security-Browser/
Is not this contemplation a bit late, now that malware abounds and the number of new malware is doubling each year? Do you think that a security browser is the answer, or are the concepts we use today basically wrong from the outset, and there is not much we can do really?
Certainly seems interesting and something to watch; considering it will be open source, it might even give some of the smaller browsers a run for their money.
I don’t know if you have read the full article Bob, but this paragraph seems to be what may play a major part in the protection.
In its current design, OP uses SELinux (security-enhanced Linux) to handle OS-level sandboxing to limit the interactions of each subsystem with the underlying operating system, but said other techniques—like AppArmor, Systrace or Janus—would be equally suitable.
That has always been my major concern with IE, its integration into the OS, exploit the browser, potentially exploit the OS. So anything that isolates the browser from the OS gets at the least a good job in my eyes. This is one of the reasons why I use Firefox as there is no real integration with the OS, but that isn’t anything like the above OS-level sandboxing of the OP browser.
Also.
"The browser kernel implements message passing using OS-level pipes, and it maintains a mapping between subsystems and pipes," he said, noting that the mapping allows the browser kernel to avoid source subsystem spoofing since the browser kernel can accurately identify the subsystem connected to a pipe when it receives a message.
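To make the quoted point concrete, here is a small added illustration (not code from the OP browser or the article) of why a per-subsystem pipe mapping defeats source spoofing: the kernel attributes each message to the pipe it arrived on and ignores any sender name the message itself claims. Subsystem names, the JSON message format and the "from" field are assumptions for the demo.

```python
import json
import os


class BrowserKernel:
    """Hypothetical mini broker: one dedicated pipe per subsystem."""

    def __init__(self):
        self._pipes = {}       # read fd -> subsystem name (the trusted mapping)
        self._write_ends = {}  # subsystem name -> write fd handed to that subsystem

    def register(self, name):
        """Create a private pipe for a subsystem and remember which fd is its."""
        r, w = os.pipe()
        self._pipes[r] = name
        self._write_ends[name] = w
        return w  # the subsystem only ever receives its own write end

    def receive(self, read_fd):
        """Read one message; the sender is whoever owns this pipe, full stop."""
        # Demo simplification: one message per read. Real IPC needs framing
        # (length prefix or delimiter) so messages cannot run together.
        msg = json.loads(os.read(read_fd, 4096))
        claimed = msg.pop("from", None)   # self-declared sender is untrusted
        actual = self._pipes[read_fd]     # pipe ownership is what counts
        spoofed = claimed is not None and claimed != actual
        return {"from": actual, "claimed": claimed, "spoofed": spoofed, "body": msg}

    def readers(self):
        return dict(self._pipes)


def demo():
    """Constructed scenario: a plugin subsystem claims to be the renderer."""
    kernel = BrowserKernel()
    renderer_w = kernel.register("renderer")
    plugin_w = kernel.register("plugin")
    os.write(plugin_w, json.dumps({"from": "renderer", "op": "navigate"}).encode())
    os.write(renderer_w, json.dumps({"from": "renderer", "op": "paint"}).encode())
    results = {name: kernel.receive(fd) for fd, name in kernel.readers().items()}
    for fd in list(kernel.readers()) + [renderer_w, plugin_w]:
        os.close(fd)
    return results


if __name__ == "__main__":
    for name, r in demo().items():
        print(name, "->", r)
```

The plugin's message is attributed to "plugin" and flagged as spoofed even though it claimed to come from the renderer, because attribution never consulted the message contents.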
There also isn't any integration if you use Safari 3.1 however, doing so right now leaves you wide open to certain attacks. :'(
Don’t forget DMR on the Safari might well restrict the potential attacks on Safari, or using a limited user account. I have never tried Safari so I can’t comment on how it works.