|
|
|
|
|
|
by stefanha
814 days ago
|
|
|
Hi, I'm the author. See the "The best approach we have today for run-time isolation is through sandboxing" part in the blog post. It covers sandboxing, which pledge(2) is an example of. My experience with sandboxing approaches is that they are only used in the most security-critical software because they are difficult to integrate. If the programming language isolates components by default, then the majority of software should be able to benefit. |
|
|