Comment by vlovich123

Comment by vlovich123 17 hours ago

0 replies

View on Hacker News

Yeah this is particularly a problem for JS where importing code also immediately executes it. But yeah, managing capabilities within a process boundary is inherently trickier than doing it at the process boundary where you can actually guarantee permissions cannot be obtained through subterfuge.