seccomp should not be needed for a Wasm VM unless the host calls are unsafe, which is not the case by default (since no host functions are provided) or for WASI (since is alreay designed to be sandboxed).
Also, seccomp only works in the Linux kernel (not in Windows, or macOS)... so it's a no-go for a universal sandboxed VM :)
Also, seccomp only works in the Linux kernel (not in Windows, or macOS)... so it's a no-go for a universal sandboxed VM :)