Comment by ameliaquining

Comment by ameliaquining 18 hours ago

Deno has "sandboxing" in the sense that it will refuse to open files and such if you don't pass the relevant permission flags, but AFAICT it doesn't do the thing that this article is talking about, of telling the kernel not to let it do those things. (I'm inferring this from the note in the documentation that native code called via FFI isn't sandboxed.) So an attacker could still do those things if they found an exploitable bug in the Deno runtime.

I'm having a hard time figuring out the details of how Wasmtime works but I don't think it does this kind of sandboxing either.
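
The distinction drawn in the comment above, as an added example that is not part of the comment or of Deno's code: a hypothetical user-space permission flag (`allow_read`) is skipped by code that calls the kernel directly, while a restriction the kernel enforces applies to both paths. `RLIMIT_NOFILE` is used only as a simple, portable stand-in for a kernel-enforced restriction; that choice is an assumption, not the mechanism the article or Deno uses.

```c
#include <errno.h>
#include <fcntl.h>
#include <stdbool.h>
#include <stdio.h>
#include <sys/resource.h>
#include <sys/types.h>
#include <sys/wait.h>
#include <unistd.h>

/* Hypothetical runtime permission flag: lives in user space, unknown to the kernel. */
static bool allow_read = false;

/* The runtime's own file API refuses unless the flag was granted. */
static int runtime_open(const char *path) {
    if (!allow_read) { errno = EACCES; return -1; }
    return open(path, O_RDONLY);
}

/* Stand-in for FFI native code or a runtime bug: goes straight to the kernel. */
static int native_open(const char *path) {
    return open(path, O_RDONLY);
}

/* Probe both paths in a child process. Returns a bitmask:
 * bit 0 = runtime_open succeeded, bit 1 = native_open succeeded, -1 on error. */
int probe(bool kernel_enforced) {
    pid_t pid = fork();
    if (pid < 0) return -1;
    if (pid == 0) {
        if (kernel_enforced) {
            /* Ask the kernel to refuse every new file descriptor (assumed stand-in). */
            struct rlimit none = { 0, 0 };
            if (setrlimit(RLIMIT_NOFILE, &none) != 0) _exit(0x80);
        }
        int result = 0;
        if (runtime_open("/") >= 0) result |= 1;
        if (native_open("/") >= 0) result |= 2;
        _exit(result);
    }
    int status;
    if (waitpid(pid, &status, 0) < 0 || !WIFEXITED(status)) return -1;
    return WEXITSTATUS(status);
}

int main(void) {
    printf("runtime check only: mask=%d\n", probe(false)); /* native path opens */
    printf("kernel enforced:    mask=%d\n", probe(true));  /* both paths refused */
    return 0;
}
```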