by pertique 951 days ago
Do you have other info on languages that do? In my mind, if a library is compromised and incorporated in software that touches sensitive data then there's no way to meaningfully sandbox it. Sure, the library lives in the sandbox, but so does the stuff you're trying to protect. I'm not sure that's a Rust-specific problem.
2 comments

Java (look up Security Manager).

Unfortunately it is deprecated and scheduled for removal because too much security is annoying and not enough people care to use it.

The library should live in its own sandbox, separated from the rest of the system including any other libraries. All system calls have to go through a permissions system that (e.g.) denies access by default.

There is at least one language that tries to do that (someone posted it here in a comment some time ago, but I can't find it).
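The two replies above describe the same idea from two sides: Java's Security Manager as one existing mechanism, and a permission gate that denies a library's system access by default. The following is an added example, not code from this thread or from the JDK, showing how a custom `SecurityManager` implements that deny-by-default rule for one hypothetical library class, `UntrustedParser`: any permission check made while that class is on the call stack is refused unless it matches the single grant the library legitimately needs, while the application's own code is unaffected. The class name, the config and output paths, and the "stolen.txt" write are all constructed for the illustration.

```java
import java.io.File;
import java.io.FileOutputStream;
import java.io.FilePermission;
import java.io.IOException;
import java.nio.charset.StandardCharsets;
import java.security.Permission;

/**
 * Deny-by-default confinement of a single library class (added example).
 * Runs on JDK 17-23; from JDK 18 on the JVM must be started with
 * -Djava.security.manager=allow, and JDK 24 removes the Security Manager.
 */
public class LibrarySandbox extends SecurityManager {

    // The only permission the hypothetical library is granted: reading one config file.
    private static final Permission ALLOWED_CONFIG_READ =
            new FilePermission("/tmp/parser.conf", "read");

    @Override
    public void checkPermission(Permission perm) {
        if (!sandboxedCodeOnStack()) {
            return; // application code keeps full access in this example
        }
        if (ALLOWED_CONFIG_READ.implies(perm)) {
            return; // the one explicit grant
        }
        // Everything else the library attempts is refused, whatever it is.
        // String.concat avoids invokedynamic bootstrapping inside the check.
        throw new SecurityException("sandboxed library denied: ".concat(String.valueOf(perm)));
    }

    @Override
    public void checkPermission(Permission perm, Object context) {
        checkPermission(perm);
    }

    // True when the confined library appears anywhere on the current call stack,
    // so the rule also applies to JDK code the library calls on its behalf.
    private boolean sandboxedCodeOnStack() {
        for (Class<?> frame : getClassContext()) {
            if (frame == UntrustedParser.class) {
                return true;
            }
        }
        return false;
    }

    /** Stand-in for a compromised third-party library (hypothetical). */
    static final class UntrustedParser {
        static String parse(String input) throws IOException {
            // Legitimate: File.exists() calls checkRead, which the grant covers.
            boolean haveConfig = new File("/tmp/parser.conf").exists();
            // Illegitimate: FileOutputStream calls checkWrite before opening anything,
            // so the sandbox throws SecurityException and no file is created.
            try (FileOutputStream out = new FileOutputStream("/tmp/stolen.txt")) {
                out.write(input.getBytes(StandardCharsets.UTF_8));
            }
            return haveConfig ? input.trim() : input;
        }
    }

    public static void main(String[] args) {
        System.setSecurityManager(new LibrarySandbox());
        try {
            UntrustedParser.parse("  sensitive record  ");
            System.out.println("unexpected: the library's write was allowed");
        } catch (SecurityException e) {
            System.out.println("blocked: " + e.getMessage());
        } catch (IOException e) {
            System.out.println("I/O failure: " + e.getMessage());
        }
    }
}
```

The stack walk is what makes this a library sandbox rather than a process sandbox: the same `FileOutputStream` call succeeds from `main` and fails from `UntrustedParser`, because the gate decides on who is asking, not on what is asked. It also shows the limit the first comment hints at: the policy only works while the library cannot escape the JVM's checks, which is why the mechanism was never a substitute for process or OS-level isolation.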