Hi there,
I’m a security researcher and would love to see this as an option. Edge now supports WASM emulation through DrumBrake[1], which allows WASM to work without any RWX pages being arbitrarily written to. This, combined with SDSM[2], gives a super solid setup for basically any threat model, including nation-state-targeted individuals.
If this were implemented, the Brave target threat model would move basically entirely to mainline Chromium/Chrome exploits, which are extremely expensive and valuable, or to Brave-specific exploits targeting your Mojo IPC implementations or similar added features.
I’d love to see a flag to just disable JIT entirely: WASM, WebAssembly, the lot. Maybe add it into the “Aggressive” shields mode; it will kill 99% of modern exploit chains.
Given Brave is about to be quite heavily recommended once Chrome/Chromium kill Manifest V2, this would be an amazing feature for the community. Edge has done a fantastic job and it’s a game changer for exploit mitigations.
As for Scudo, that allocator has its issues. I don’t think we need a secured/hardened allocator just for Brave; it seems easier to just do LD_PRELOAD or dylib injection to force your own allocator IF you need it.
Ahead-of-time is much safer than just-in-time as it doesn’t rely as heavily on speculative optimisations.
I’d love to recommend Brave to my friends and colleagues; however, currently I cannot due to this feature not being present, so my recommendation will remain Edge. I also have some concerns about the length of time between mainline patch updates being applied to Brave, but it seems to be much, much faster than it was even a few years ago.
If you require any assistance or have questions on how to implement it, I’m happy to talk. I’m also happy to make introductions on the Edge security team.
I will say one thing: I don’t think having it enabled/disabled on a per-origin basis is a great idea for super hardened security. Then you get the NoScript problem, where to bypass NoScript all you needed was an XSS on a trusted website from the NoScript global allow list (many moons ago).
[2] - https://microsoftedge.github.io/edgevr/posts/Introducing-Enhanced-Security-for-Microsoft-Edge/