by 7373737373
1501 days ago
This is the way. Unfortunately languages like Python will for implementation complexity/backward compatibility reasons never support something like this natively (unless with workarounds/hacks like compiling it to WebAssembly). It's time to phase out languages that don't. The only Python variants that made a foray into this are PyPy[0] and Monte[1].

It's important to make this sandboxing have only a small overhead, and make it work recursively, so external libraries can import partially untrusted external libraries themselves, thus hollowing out the attack surface at every node of the dependency tree. That's something that WebAssembly can't do well either, even if its boundary is secure. Creating a new sandbox means having to start a new instance "from the outside"; the virtual machine doesn't have this capability built in.

This is the access security problem; there is another that almost all programming languages and virtual machines haven't even tried to solve, especially in a platform independent way: resource security. If an untrusted program cannot access anything but its own memory, but can still go in an infinite loop or allocate all memory and bring the whole system to a halt, the security architecture isn't as complete as it could (should) be. Especially combined with process serialization[2], a system that implemented both of these security aspects correctly would make very interesting programs possible.

[0] https://doc.pypy.org/en/latest/sandbox.html
[1] https://monte.readthedocs.io/en/latest/intro.html
[2] https://stackless.readthedocs.io/en/2.7-slp/library/stackles...
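The "resource security" half of the comment, as an added example that is not part of the original post and not code from PyPy, Monte or Stackless: the only tool Python offers out of the box is the OS-level one the commenter calls starting an instance "from the outside", i.e. a fresh interpreter process with `setrlimit()` caps on CPU time and address space. The snippets labelled as untrusted are constructed samples, the limit values are arbitrary choices, and the behaviour assumed is Linux/Unix (`RLIMIT_AS` is not enforced everywhere).

```python
"""Run a snippet of untrusted Python in a child process with hard resource caps.

Added illustration, not from the comment above. Only the *resource* half
of sandboxing is shown: CPU time and address space are capped with
setrlimit() so an infinite loop or a runaway allocation cannot take the
host down. Access control (files, network, imports) is out of scope here.
Assumes Linux/Unix semantics for RLIMIT_CPU and RLIMIT_AS.
"""
import resource
import signal
import subprocess
import sys

CPU_SOFT_SECONDS = 1                      # child gets SIGXCPU here
CPU_HARD_SECONDS = 2                      # ... and SIGKILL here if it ignored it
ADDRESS_SPACE_BYTES = 512 * 1024 * 1024   # arbitrary cap, ample for CPython itself


def _cap(limit, wanted):
    """Return `wanted`, lowered to the existing hard limit if that is smaller."""
    _soft, hard = resource.getrlimit(limit)
    if hard != resource.RLIM_INFINITY:
        wanted = min(wanted, hard)
    return wanted


def _apply_limits():
    """Runs in the child between fork() and exec(); rlimits survive exec."""
    cpu_hard = _cap(resource.RLIMIT_CPU, CPU_HARD_SECONDS)
    cpu_soft = min(CPU_SOFT_SECONDS, cpu_hard)
    resource.setrlimit(resource.RLIMIT_CPU, (cpu_soft, cpu_hard))
    mem = _cap(resource.RLIMIT_AS, ADDRESS_SPACE_BYTES)
    resource.setrlimit(resource.RLIMIT_AS, (mem, mem))
    resource.setrlimit(resource.RLIMIT_CORE, (0, 0))  # no core dumps when it dies


def run_untrusted(code, wall_timeout=10.0):
    """Execute `code` in a fresh, limited interpreter and classify what happened.

    Returns {'outcome': ..., 'stdout': ..., 'stderr': ...} with outcome one of
    'ok', 'cpu-limit', 'memory-limit', 'wall-timeout' or 'error'.
    """
    try:
        proc = subprocess.run(
            [sys.executable, "-I", "-c", code],  # -I: isolated mode, no site/env
            preexec_fn=_apply_limits,            # not thread-safe; fine for a demo
            capture_output=True,
            text=True,
            timeout=wall_timeout,                # backstop for code that just sleeps
        )
    except subprocess.TimeoutExpired:
        return {"outcome": "wall-timeout", "stdout": "", "stderr": ""}

    # CPU limit: kernel delivers SIGXCPU at the soft limit, SIGKILL at the hard one.
    if proc.returncode in (-signal.SIGXCPU, -signal.SIGKILL):
        outcome = "cpu-limit"
    elif proc.returncode == 0:
        outcome = "ok"
    elif "MemoryError" in proc.stderr:           # mmap/malloc refused under RLIMIT_AS
        outcome = "memory-limit"
    else:
        outcome = "error"
    return {"outcome": outcome, "stdout": proc.stdout, "stderr": proc.stderr}


if __name__ == "__main__":
    # Constructed sample "untrusted" snippets: benign, CPU hog, memory hog.
    for snippet in ("print(2 + 2)", "while True: pass", "x = bytearray(4 * 1024 ** 3)"):
        print(repr(snippet), "->", run_untrusted(snippet)["outcome"])
```

Note what this does and does not buy you: the caps are enforced by the kernel, so the untrusted snippet cannot raise them back, but every sandbox is a whole process started by the parent, which is exactly the non-recursive, "from the outside" shape the comment points out as the limitation of today's runtimes.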