Show HN: Sandworm.js – Easy auditing and sandboxing for JavaScript dependencies (github.com) 10 points by sebivaduva 3y ago ↗ HN
[–] cphoover 3y ago ↗ Hmmm wouldn't you want to intercept syscalls at the kernel level like AppArmor instead of at the application level? [–] cphoover 3y ago ↗ This is cool though [–] gabidobocan 3y ago ↗ Thanks!Yes you can (and should) also intercept at kernel level, but the kernel can't tell which of your app's dependencies is responsible for the call, only the application knows that.
[–] cphoover 3y ago ↗ This is cool though [–] gabidobocan 3y ago ↗ Thanks!Yes you can (and should) also intercept at kernel level, but the kernel can't tell which of your app's dependencies is responsible for the call, only the application knows that.
[–] gabidobocan 3y ago ↗ Thanks!Yes you can (and should) also intercept at kernel level, but the kernel can't tell which of your app's dependencies is responsible for the call, only the application knows that.
3 comments
[ 54.3 ms ] story [ 211 ms ] threadYes you can (and should) also intercept at kernel level, but the kernel can't tell which of your app's dependencies is responsible for the call, only the application knows that.