Google Chrome was built from the ground up to be a more secure Web browser, and Google Inc. and its Chromium developers should be applauded for the attention they have brought to browser security. Google deserves much credit for the wealth of security information (download PDF) posted on the Internet and on its Google Chrome blog and for making Chrome's source code available for anyone to examine.
The security model Chrome follows is excellent. Chrome separates the main browser program, called the browser kernel, from the rendering processes, which are based upon the open source WebKit engine, also used by Apple Inc.'s Safari. The browser kernel starts with all privileges removed, the null SID (a security identifier in Windows Vista that denotes the user as untrusted), and multiple "restrict" and "deny" SIDs enabled. On Windows Vista, Chrome runs as a medium-integrity process.
More: http://www.computerworld.com/action/article.do?command=viewArticleBasic&articleId=9126782&source=NLT_SEC
The security model Chrome follows is excellent. Chrome separates the main browser program, called the browser kernel, from the rendering processes, which are based upon the open source WebKit engine, also used by Apple Inc.'s Safari. The browser kernel starts with all privileges removed, the null SID (a security identifier in Windows Vista that denotes the user as untrusted), and multiple "restrict" and "deny" SIDs enabled. On Windows Vista, Chrome runs as a medium-integrity process.
More: http://www.computerworld.com/action/article.do?command=viewArticleBasic&articleId=9126782&source=NLT_SEC
