With recent talks of using WebAssembly outside the browser, I began to think that the most promising place to use WebAssembly outside the browser is to replace BPF in the kernel.
More generally, being able to have kernel modules that run at native speed but cannot cause a kernel panic (the wasm runtime could, but assuming that part is correct the modules it runs could not).
I like this project and will try it out.
I work with a group using Python and R. A frequent request is that they want to run a program on their workstation with a chosen data set, but don’t want to risk the entire system. This could be because of unknown packages or because they are running code from a collaborator.
I don’t have a good answer for this other than Docker, but many don’t know Docker.
I would like a sandbox where if they make a mistake or get some malware, they delete the sandbox, repopulate the code and data and start again from zero. But don’t lose anything.