by Retr0id
822 days ago
JIT is a large attack surface, but it's mostly an attack surface from the perspective of migrating from "untrusted" (attacker-controlled) javascript execution, to arbitrary native code execution (e.g. malicious js on a webpage, breaking out). If a Deno user wants to use FFI to invoke system("rm -rf /*"), they can*, and they don't need to exploit a JIT bug to do so. FFI with JIT is almost certainly a larger attack surface than FFI without JIT, but in practice I don't think it's a big difference.

*iiuc Deno is sandboxed by default, so presumably FFI capabilities (and the attack surface implications thereof) are something the developer needs to opt into from the start.