Comment by swiftcoder

Comment by swiftcoder 3 days ago

0 replies

View on Hacker News

> if the application were compromised in some way, wouldn't it simply un-restrict itself?

The API doesn't allow un-restriction, only restriction. Since one typically applies restrictions at program start, they will be applied before an attacker gains remote-execution, and the attacker is then limited in what they can do...