• Pantherina@feddit.de
    link
    fedilink
    arrow-up
    3
    ·
    10 months ago

    Electron runs a core Chromium Browser + NodeJS + a bit more.

    Unlike Chromium itself it is not backwards compatible and removes a ton of things like its sandboxing capabilities.

    I am not sure how it is less secure, but it may use more RAM (also not always but generally yes of course), doesnt allow hardening (unlike android WebView apps) and breaks LD_PRELOAD-ing another memory allocator.

    This is only a big problem in special cases, in general it makes apps strictly dependend on GNU glibc and others, no idea how it works on Alpine or others (that actually try to make a secure system).

    If somebody knows more about security concerns about Electron, please add.