## Why Graphics?
The GPU process is interesting from an attacker perspective for several reasons.
1. Many of its features are reachable directly from web content by default,
which creates an opportunity for malicious websites to attack Chromium users.
2. It processes complex data in (mostly) C++ native code, which is difficult to
do safely.
3. It needs the privilege to interact with GPU drivers in the kernel, so our
ability to sandbox the process is limited.
4. It loads third party native code into its address space to interact with
platform specific graphics features.
Collectively these properties make the GPU process particularly attractive for
both remote code execution and privilege escalation.
Codebase Browser
chromium