Comment by sublimefire 2 hours ago
Look at how others implement QuickJS and restrict its runtime for sensitive workloads [1]; it should be similar.
But there are other ways, e.g. run the logic isolated within gVisor/Firecracker/Kata.
[1] github.com/microsoft/CCF under src/js/core