by daveguy 505 days ago
Doing this at the program level is implemented in Linux by SELinux, which defines mandatory access controls (aka limitations on capabilities). This was difficult to get right by default and make a smoothly functioning distro with policies enabled. But it is enabled by default in Fedora.

https://en.m.wikipedia.org/wiki/Security-Enhanced_Linux

To enable this at the programming level would require an enforcement mechanism at the level of a language VM or OS. It would require more overhead to enforce at that level, but the safety benefits within a language may be worth it.