by techplex
1499 days ago
The approach Deno is taking is very interesting, where all packages are sandboxed. I'd be interested to hear the author's thoughts on Deno's approach as a mitigation for supply chain attacks. I understand it won't stop all attacks, but it would make them significantly harder.
ref: https://medium.com/deno-the-complete-reference/sandboxing-in...

That's something that WebAssembly can't do well either, even if its boundary is secure. Creating a new sandbox means having to start a new instance "from the outside"; the virtual machine doesn't have this capability built in.
This is the access security problem; there is another that almost all programming languages and virtual machines haven't even tried to solve, especially in a platform-independent way: resource security. If an untrusted program cannot access anything but its own memory, but can still go into an infinite loop or allocate all memory and bring the whole system to a halt, the security architecture isn't as complete as it could (should) be.
Especially combined with process serialization[2], a system that implemented both of these security aspects correctly would make very interesting programs possible.
[0] https://doc.pypy.org/en/latest/sandbox.html
[1] https://monte.readthedocs.io/en/latest/intro.html
[2] https://stackless.readthedocs.io/en/2.7-slp/library/stackles...
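
An added example, not part of the comment above: the "resource security" gap it describes is usually closed today from outside the language, with per-process OS limits. This sketch assumes Linux/POSIX and CPython; the limit values, the `run_untrusted` helper and the sample snippets are constructed for illustration.

```python
import resource
import signal
import subprocess
import sys

CPU_SECONDS = 1                # assumed CPU-time budget for the demo
ADDRESS_SPACE = 512 * 2**20    # assumed address-space cap: 512 MiB


def _apply_limits():
    # Runs in the child between fork() and exec(); the limits are inherited
    # by the interpreter that exec() starts and cannot be raised by it.
    resource.setrlimit(resource.RLIMIT_CPU, (CPU_SECONDS, CPU_SECONDS + 1))
    resource.setrlimit(resource.RLIMIT_AS, (ADDRESS_SPACE, ADDRESS_SPACE))


def run_untrusted(source, wall_timeout=10):
    """Run `source` in a fresh interpreter under the limits; return a verdict."""
    try:
        proc = subprocess.run(
            [sys.executable, "-I", "-c", source],
            preexec_fn=_apply_limits,
            capture_output=True,
            text=True,
            timeout=wall_timeout,   # backstop for code that sleeps instead of spinning
        )
    except subprocess.TimeoutExpired:
        return "wall-clock timeout"
    # The kernel sends SIGXCPU at the soft CPU limit and SIGKILL at the hard one.
    if proc.returncode in (-signal.SIGXCPU, -signal.SIGKILL):
        return "cpu limit"
    # A refused allocation surfaces inside CPython as MemoryError.
    if "MemoryError" in proc.stderr:
        return "memory limit"
    return "ok" if proc.returncode == 0 else "error"


if __name__ == "__main__":
    # Constructed sample programs: well-behaved, infinite loop, memory bomb.
    samples = ["print(1)", "while True: pass", "x = bytearray(2**32)"]
    for src in samples:
        print(f"{src!r:28} -> {run_untrusted(src)}")
```

These limits are enforced by the kernel per process, which is exactly the "from the outside", platform-specific arrangement the comment contrasts with a VM that could meter its own guests.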