undefined | Better HN

0 pointsmdavidn10y ago0 comments

The process model is a sandbox. Every process runs as if alone, with seemingly continuous processor time and memory addresses starting at zero. The ailments you described are all system calls, special access granted by the kernel.

So the process model is not fundamentally different than the browser model, but WebAssembly enjoys two advantages:

1. The browser security model sagely segmented privileges by origin rather than user.

2. Like bytecode, WebAssembly AST does not target a specific processor.

0 comments

aboodman10y ago

Totally agree. The process model is actually a better sandbox than, e.g., Firefox per-origin one (because it sandboxes CPU time and memory as well). But the shape of the sandbox is incorrect for the modern era.

j / k navigate · click thread line to collapse

0 pointsmdavidn10y ago0 comments

So the process model is not fundamentally different than the browser model, but WebAssembly enjoys two advantages:

1. The browser security model sagely segmented privileges by origin rather than user.

2. Like bytecode, WebAssembly AST does not target a specific processor.

0 comments

aboodman10y ago

j / k navigate · click thread line to collapse