Hacker News

If you don't consider an OS process a sandbox at all, why are we even talking about security here?



That’s not the point of GP though? The whole premise of virtualization is that an OS process is not a perfect sandbox. There’s a hierarchy of sandboxes. Protecting other processes from accessing something inside the sandbox is not the job of a browser sandbox. This actually just goes to show the GP’s point: not all sandboxes are created equal.


I was not arguing against kibwen, I was sharing some more points. People have implicitly expected OS processes to be better isolated from each other than they are. (I think there's a related problem that people tend not to think about which of the properties of integrity, confidentiality, and availability they rely on.)



