Follow

WASI aims to bring cross-platform, sandboxed executables using webassembly as the base to non-browser systems github.com/CraneStation/wasmti

It's also ocap-based so there's some hope for security actually working.

However Ben Laurie (who worked on Capsicum) argues that since we have something resembling a clean slate, why try to build it on a broken POSIX'y type design? (Article also talks about how and why containers continue to break their own sandboxing) medium.com/@benlaurie_18378/ho

Sign in to participate in the conversation
Octodon

Octodon is a nice general purpose instance. more