|
|
|
|
|
|
by jwilliams
36 days ago
|
|
|
I've been working on JavaScript runner for untrusted code. The whole API is only exposed via messages passed over stdio. Security layers: V8 isolates, two-stage seccomp, frozen globals, mount namespaces, landlock, and more.
https://github.com/jonathannen/hermit Plus it's too early to really show, but also working on a dataflow language (w/ immutable data) that uses some code semantics from Rust/Zig and friends:
https://github.com/jonathannen/badger |
|
|