by woodruffw 926 days ago
Yep, language runtimes are an (inevitably?) large attack surface. My understanding is that OpenBSD userspace processes can voluntarily limit their own syscall behavior with pledge[1], so a Python program (or the interpreter itself) could limit the scope of a particular process. But I have no idea how common that is.

[1]: https://man.openbsd.org/pledge
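
The self-restriction described in the comment above, as an added example that is not part of the original post: a Python process calls pledge(2) on itself and the kernel then kills it when it steps outside the promised set. Reaching pledge through `ctypes` is an assumption of this sketch, and the helper names `pledge_fn`, `pledge` and `sandbox_demo` are hypothetical; on systems other than OpenBSD the demo reports that pledge is unavailable.

```python
import ctypes
import os
import signal
import socket  # imported before pledging: loading a module later needs "rpath"


def pledge_fn():
    """Return libc's pledge symbol, or None where libc has none (non-OpenBSD)."""
    libc = ctypes.CDLL(None, use_errno=True)  # dlopen(NULL): the running process
    fn = getattr(libc, "pledge", None)
    if fn is not None:
        fn.argtypes = [ctypes.c_char_p, ctypes.c_char_p]
        fn.restype = ctypes.c_int
    return fn


def pledge(promises, execpromises=None):
    """Restrict this process to `promises`. False if pledge is unavailable."""
    fn = pledge_fn()
    if fn is None:
        return False
    exec_arg = None if execpromises is None else execpromises.encode()
    if fn(promises.encode(), exec_arg) != 0:
        err = ctypes.get_errno()
        raise OSError(err, os.strerror(err))
    return True


def sandbox_demo():
    """Fork a child that pledges "stdio" and then tries to create a socket.

    Returns "killed" when the kernel aborted the child for the violation,
    "unsupported" when pledge is unavailable, "not enforced" otherwise.
    """
    if pledge_fn() is None:
        return "unsupported"
    pid = os.fork()
    if pid == 0:
        try:
            pledge("stdio")  # no "inet" promise, so socket(2) is forbidden
            socket.socket(socket.AF_INET, socket.SOCK_STREAM)
        finally:
            os._exit(0)  # only reached if the restriction did not apply
    _, status = os.waitpid(pid, 0)
    if os.WIFSIGNALED(status) and os.WTERMSIG(status) == signal.SIGABRT:
        return "killed"
    return "not enforced"


if __name__ == "__main__":
    print(sandbox_demo())
```

The restriction is applied in a forked child so the parent keeps its full syscall set and can observe the outcome.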