Hacker News new | past | comments | ask | show | jobs | submit login

Node.js had a PR to add that in (with packages enforced but not your 'own' code) and Node has policies to deal with loading untrusted code ( https://nodejs.org/api/policy.html ).

Personally I isolate with OS level containers as I think it's a lot more robust and tested but I definitely see the merit in Deno exploring this - even if it doesn't really work yet it's interesting.




I thought node.js policies were basically just SubResource Integrity hashes? Are they planning for something more?

I’ve been looking into the isolated-vm module recently and it looks pretty nice. Fly.io built their run-untrusted-code service on top of it.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: