- cross-posted to:
- linux@programming.dev
- typography@lemmy.ml
- cross-posted to:
- linux@programming.dev
- typography@lemmy.ml
[The author assumes] a high-level understanding of how text rendering works, for example, what shaping is. If that does not sound familiar to you, you might want to review State of Text Rendering (2009), and Modern text rendering with Linux: Overview (2019).
Fonts have been programs for a long time. Better to have the code in a safe VM than natively executed.
Do you have a link for that, or a term I can search for? I’m not finding anything about it.
Here are a couple of links that should be good starting points:
https://superuser.com/questions/1202551/can-truetype-fonts-contain-malicious-code
https://security.stackexchange.com/questions/91347/how-can-a-font-be-used-for-privilege-escalation
That is interesting. WASM seems like it’s just a replacement for the TrueType hinting language (which is already a VM). So I guess it’s benefiting from a more standardised and audited virtual machine.
It’s also fairly limited to what it can do (source):
I don’t see how the mentioned future drawing API will fit into that though.
Yeah, the real benefit will be the ability to re-use well tested and hopefully even proven WASM VMs.