Firefox 54 delivers sandboxes Mozilla's wanted since 2009

Project Electrolysis means Firefox spawns four processes and shares them between tabs

By Simon Sharwood


Mozilla has released version 54 of its Firefox browser and in so doing delivered long-promised sandboxing technology.

Firefox has been pondering multiple processes for different tabs since 2009 and named its effort Project Electrolysis in 2015 before introducing the technology to Firefox 48 in August 2016. The organisation has been gradually rolling it out ever since, exposing more users with each Firefox release. And now, with Firefox 54's Tuesday debut, “multiple content processes” - aka “E10S” - are now a standard feature.

As Mozillan Ryan Pollock explains, “Firefox now creates up to 4 separate processes for web page content. So, your first 4 tabs each use those 4 processes, and additional tabs run using threads within those processes. Multiple tabs within a process share the browser engine that already exists in memory, instead of each creating their own.”

Google's Chrome has used one process per tab since its launch, but Mozilla argues that Chrome's habit of spawning a discrete browser engine for each tab consumes wasteful quantities of memory and slows computers. Firefox's new approach, it suggests, will therefore make computers behave better by leaving more free RAM for other apps and the OS. And when we say “computers” we mean desktops and Android devices, as E10S has landed in Firefox for Android too.

Version 54's otherwise an unremarkable release, but of course includes some security fixes , among them three Critical-rated flaws. CVE-2017-5472 sees CSS layouts capable of creating an exploitable crash in the browser. CVE-2017-5470 and CVE-2017-5471 are memory safety bugs that could allow arbitrary code execution. There's also a dozen high-severity bugs to consider on the list here. Firefox for desktops can be had here and the Android app is here. ®

Sign up to our NewsletterGet IT in your inbox daily


More from The Register

Google Play Store spews malware onto 9 million 'Droids

How did these get through the net?

Google leaps on the platform formerly known as Firefox with $22m splurge for KaiOS

The great feature phone revival rolls on

Your RSS is grass: Mozilla euthanizes feed reader, Atom code in Firefox browser, claims it's old and unloved

The Live bookmarks, preview features, that is

Google's secret to a healthy phone? Remote-controlling your apps

Look Ma, no not much malware!

Chrome, Firefox pull very unstylish Stylish invasive browser plugin

Add-on made sites look pretty while getting away with ugly data slurpage

Mozilla changes Firefox policy from ‘do not track’ to ‘will not track’

Browser will stop asking nicely for privacy protections

Get the FTP outta here, says Firefox

Apparently someone still uses src to suck content into web pages from FTP servers

Firefox to feature sponsored content as of next week

Mozilla thinks you won’t mind analytical action on the client

Mozilla wants to seduce BOFHs with button-down Firefox

Control. Control. Control

Have I been pwned, Firefox? OK, let's ask its Have I Been Pwned tool

Mozilla's Firefox Monitor makes a hash of email queries