by mlinksva 999 days ago
https://www.graalvm.org/latest/security-guide/polyglot-sandb... looks very interesting though enterprise (not open source I assume?) only and maybe only for executing javascript? Or do I misunderstand, or is there other sandboxing support?

The Polyglot sandbox is licensed under GFTC: https://www.oracle.com/downloads/licenses/graal-free-license...

ISOLATED and UNTRUSTED require GFTC

CONSTRAINED is also available under open-source licenses.

Only for JavaScript right now. We are working hard on supporting all the other languages!

Developer here. So, if you have more questions, let me know!

Thanks for explaining and for your work!

Not sure I have questions, just generally interested in making it easier/lighter weight/built-in to constrain ambient authority (for example, to mitigate supply chain risks), thus have it be done more.

The Polyglot sandbox feels very loosely analogous to Deno per process (and thus subprocess) permissions, though it looks like ISOLATED and UNTRUSTED can limit a bunch of things not possible with Deno.

We do not do process isolation yet, although we have plans to implement that as well as a fallback strategy.

The advantage of the native-image-isolate-based isolation is that it is much more lightweight. For example, calls from and to the host application are much faster. There is no copying or expensive synchronization necessary. The disadvantage is that we need to do our own protections against attacks, as the OS protections between processes don't apply to such isolates. By default, we deploy software/compiler-based protections but are also very close to supporting hardware like Intel MPK.

If you have more questions, you can also drop by on Slack; we are a friendly bunch: https://www.graalvm.org/slack-invitation/

Many of the configuration settings set by a sandboxing policy are available when creating Polyglot contexts with the Community Edition.
Are you sure? I created a JavaScript Polyglot context in Java with GraalJS CE 21 and...

> Exception in thread "main" Polyglot sandbox limits can only be used with runtimes that support enterprise extensions. The runtime 'GraalVM CE' does not support sandbox extensions.
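Added example (not code from the thread or from the GraalVM project) of what the open-source CONSTRAINED policy discussed above looks like at the embedding API: a JavaScript Context built with `Context.Builder.sandbox(SandboxPolicy.CONSTRAINED)`. It assumes a GraalVM release that ships `org.graalvm.polyglot.SandboxPolicy` and `HostAccess.CONSTRAINED` (newer than the CE 21 mentioned in the comment) with GraalJS on the classpath; the specific builder settings are my reading of the policy's requirements, and `build()` is where a setting that violates the policy is rejected.

```java
import java.io.ByteArrayInputStream;
import java.io.ByteArrayOutputStream;
import java.nio.charset.StandardCharsets;
import org.graalvm.polyglot.Context;
import org.graalvm.polyglot.HostAccess;
import org.graalvm.polyglot.PolyglotException;
import org.graalvm.polyglot.SandboxPolicy;
import org.graalvm.polyglot.Value;

public class ConstrainedJsDemo {

    // Builds a CONSTRAINED-policy JS context. build() validates the configuration
    // against the policy and throws IllegalArgumentException naming any
    // requirement that is not met (assumption: settings below satisfy it).
    static Context newConstrainedContext(ByteArrayOutputStream out, ByteArrayOutputStream err) {
        return Context.newBuilder("js")                  // permitted languages listed explicitly
                .sandbox(SandboxPolicy.CONSTRAINED)
                .in(new ByteArrayInputStream(new byte[0])) // guest gets no host stdin
                .out(out)                                  // guest stdout/stderr must not be the
                .err(err)                                  // host process streams
                .allowHostAccess(HostAccess.CONSTRAINED)   // no free access to host Java classes
                .build();
    }

    public static void main(String[] args) {
        ByteArrayOutputStream out = new ByteArrayOutputStream();
        ByteArrayOutputStream err = new ByteArrayOutputStream();
        try (Context ctx = newConstrainedContext(out, err)) {
            // Plain computation works as usual inside the sandbox.
            Value v = ctx.eval("js", "[1, 2, 3].map(x => x * 2).join(',')");
            System.out.println("guest result: " + v.asString());

            // Host class lookup is not granted under CONSTRAINED: the Java global is
            // either absent or refuses the lookup, surfacing as a PolyglotException.
            try {
                ctx.eval("js", "Java.type('java.lang.Runtime')");
                System.out.println("unexpected: host class lookup succeeded");
            } catch (PolyglotException e) {
                System.out.println("blocked as expected: " + e.getMessage());
            }

            // Anything the guest wrote to console.error landed in our buffer, not on stderr.
            System.out.println("guest stderr: " + err.toString(StandardCharsets.UTF_8));
        }
    }
}
```

Run it on a CE runtime to confirm the comment's point: a CONSTRAINED context builds fine, while the `sandbox.*` resource limits that triggered the "enterprise extensions" error belong to the ISOLATED and UNTRUSTED tiers.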