The docs list WASI as currently experimental[1] and as having missing features[2]. I understand how the sandboxing approach can add security, but if using experimental technology to enable this, doesn't it potentially open up more new holes than it closes? I'd love to hear more detail about what exact parts of WASI are used here, and what happens if you compile C code that targets a "rough edge" or "missing feature" of WASI by accident?
External experimental tools are different than internal experimental tools. It would not be a good idea to do the same using a tool they have little control over, but in this case they have full control over Cranelift (up to even feeling secure in using a different version).
[1] https://github.com/bytecodealliance/wasmtime/blob/master/doc...
[2] https://github.com/bytecodealliance/wasmtime/blob/master/doc...