Comment by russfink a day ago

I wonder about the security of this. Are programs executed in some kind of jail? Is there a limit to certain features, e.g., opening a socket to somewhere?

potsandpans a day ago

FTA:

> However, for system libraries, WebAssembly's isolated memory model comes with serious tradeoffs.

> Isolation means no system calls. WebAssembly can only access functions the runtime exposes to it. Usually, that's JavaScript.

Without digging into the code I'm going to assume (guess) that this feature did not take the main value-prop of the WASM model.

AFAIK, this is explicitly against the isolation that WASM imposes [1]:

> Modules must declare all accessible functions and their associated types at load time, even when dynamic linking is used. This allows implicit enforcement of control-flow integrity (CFI) through structured control-flow.

I seem to remember a WASI developer talk that discussed syscalls here, but I can't remember the specifics. The gist was basically along the lines of, "syscalls are a level of privilege that should not be carte blanche accessible to all programs at all times."
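
The property quoted in this thread (a module declares every function it can reach at load time, and can only call what the runtime exposes) can be checked from a JavaScript host. This is an added example, not part of the thread or the linked article; the hand-assembled module bytes, the `env.log` import and the `instantiateWithPolicy` helper are constructed for illustration.

```javascript
// Constructed sample: hand-assembled module that imports env.log : (i32) -> ()
// and exports run(), whose body is `i32.const 42; call env.log`.
const WASM_BYTES = new Uint8Array([
  0x00, 0x61, 0x73, 0x6d, 0x01, 0x00, 0x00, 0x00,             // magic, version 1
  0x01, 0x08, 0x02, 0x60, 0x01, 0x7f, 0x00, 0x60, 0x00, 0x00, // types: (i32)->(), ()->()
  0x02, 0x0b, 0x01, 0x03, 0x65, 0x6e, 0x76,                   // import "env"
  0x03, 0x6c, 0x6f, 0x67, 0x00, 0x00,                         //   "log", func, type 0
  0x03, 0x02, 0x01, 0x01,                                     // one local func, type 1
  0x07, 0x07, 0x01, 0x03, 0x72, 0x75, 0x6e, 0x00, 0x01,       // export "run" = func 1
  0x0a, 0x08, 0x01, 0x06, 0x00, 0x41, 0x2a, 0x10, 0x00, 0x0b, // body: i32.const 42; call 0
]);

// Every capability the module can ever reach is listed in its import section,
// readable by the host before any module code runs.
function declaredImports(bytes) {
  const mod = new WebAssembly.Module(bytes);
  return WebAssembly.Module.imports(mod).map((i) => `${i.module}.${i.name}:${i.kind}`);
}

// Hypothetical host policy: `granted` maps "module.name" to the host function
// the embedder is willing to expose. Anything else is refused up front.
function instantiateWithPolicy(bytes, granted) {
  const mod = new WebAssembly.Module(bytes);
  const importObject = {};
  for (const { module, name, kind } of WebAssembly.Module.imports(mod)) {
    const key = `${module}.${name}`;
    if (kind !== 'function' || typeof granted[key] !== 'function') {
      throw new Error(`policy refuses import ${key}`);
    }
    importObject[module] = importObject[module] || {};
    importObject[module][name] = granted[key];
  }
  return new WebAssembly.Instance(mod, importObject);
}

// Runs the module with a logging import; returns what the host observed.
function runWithLog(bytes) {
  const seen = [];
  instantiateWithPolicy(bytes, { 'env.log': (v) => seen.push(v) }).exports.run();
  return seen;
}

// The runtime itself also refuses to link when a declared import is not supplied.
function linkFailsWithoutImport(bytes) {
  try {
    new WebAssembly.Instance(new WebAssembly.Module(bytes), { env: {} });
    return false;
  } catch (e) {
    return e instanceof WebAssembly.LinkError;
  }
}
```

A socket or file API would have to appear in that import list and be supplied by the host in the same way; whether a given runtime grants it is an embedder decision the module cannot override.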