|
|
|
|
|
|
by ridruejo
1119 days ago
|
|
|
Capabilities based means that by default Wasm cannot do anything with the outside world. You have to explicitly declare the specific access you are giving, for example if the runtime implements WASI filesystem access you need to specify which parts of the underlying filesystem will be accessible to the module Not yet public means exactly that. You may have a buffer overflow issue in your code that you are unaware of. There are technologies that help mitigate those when/if discovered. Wasm is one of them but not the only one (ie most modern compilers have specific settings to harden the binaries against some issues) |
|
|