From 8e136defe5992aa2a0160ca0520e961e1d88d015 Mon Sep 17 00:00:00 2001
From: Derek Schuff <dschuff@chromium.org>
Date: Tue, 1 Oct 2024 17:12:37 -0700
Subject: [PATCH] Add a minimal Security and Privacy Considerations section

---
 document/web-api/index.bs | 13 +++++++++++++
 1 file changed, 13 insertions(+)

diff --git a/document/web-api/index.bs b/document/web-api/index.bs
index e001b0430d..8c4754f29f 100644
--- a/document/web-api/index.bs
+++ b/document/web-api/index.bs
@@ -303,3 +303,16 @@ application/wasm
  <dt>Author/Change Controller:</dt>
  <dd>W3C</dd>
 </dl></dd>
+
+
+<h2 id="security-considerations">Security and Privacy Considerations</h2>
+
+<p><em>This section is non-normative.</em></p>
+WebAssembly provides no access to the surrounding environment other than via the JavaScript API described in the JS API specification.
+Therefore, WebAssembly cannot collect or expose any information (personal, sensitive or otherwise) to Web sites or other parties beyond what can be collected, exposed or processed with JavaScript.
+WebAssembly memory has the same lifetime as the objects in the surrounding JavaScript environment and is not persisted or serialized (other than by copying it out to JavaScript and using existing serialization APIs).
+No access is provided to the underlying platform or hardware, or to other devices, or to the user agent’s native UI.
+
+WebAssembly is an additional program execution mechanism, and can be executed wherever JavaScript can be execute.
+Therefore the threat model is essentially the same as for JavaScript code, and has similar considerations for delivery (e.g. WebAssembly code should be protected in transit from active and passive network attackers)
+and policy (e.g. some loading mechanisms or execution are restricted via mechanisms such as the same-origin policy or Content Security Policy).