|
|
|
|
|
|
by JeremyNT
1692 days ago
|
|
|
Yeah, I don't see the value here either. You don't need wasm or chrome or any of that stuff. Linux itself has several features that can be used to isolate processes, and there are use friendly tools like bwrap [0] that make configuration easy. It should be entirely possible to sandbox something like ExifTool itself such that it has no network access and is limited to reading and writing files in a particular directory. https://wiki.archlinux.org/title/Bubblewrap |
|
|