|
|
|
|
|
|
by syrusakbary
957 days ago
|
|
|
It does solve many of the issues, namely: * Memory isolation (memory can't be executable, and thus you reduce injection attacks).
* Sandboxing: by default Wasm has no access to the outer universe where is being called, this makes quite trivial to properly sandbox almost any kind of program (on the systemcall layer)
And it does so without requiring hardware virtualization |
|
|