The problem is that programs can be entire systems, so "doing it at the system level" still means that you'd have to build boundaries inside a program.
You can use OS APIs to isolate the thing you want to use just fine.
And yes, if you mix privilege levels in a program by design, then you will have to design your program for that.
This is simple logic.
A programming language cannot decide for you who and what you trust.
For the sake of the argument, what if I wanted to isolate numpy from scipy?
Would you run numpy in a separate process from scipy? How would you share data between them?
Yes, you __can__ do all of that without programming language support. However, language support can make it much easier.
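As an added example (not part of the thread above), here is the "separate process, share the data" approach the last two comments are debating, done with nothing but OS-level primitives exposed by the Python standard library: the untrusted work runs in a fresh interpreter started in isolated mode, input goes in over stdin and the result comes back over stdout as JSON. The worker is a constructed pure-Python stand-in for a library such as numpy; the `crash` flag, `run_isolated` name and sample values are assumptions for the demonstration.

```python
import json
import subprocess
import sys

# Source of the isolated worker. It is the only code that would touch the
# "untrusted" library; here a pure-Python stand-in computes a sum of squares
# (constructed example, not numpy). The optional "crash" flag simulates a bug
# in that library so the caller can see how a failure surfaces.
WORKER_SRC = r"""
import json, sys
data = json.load(sys.stdin)              # stdin is the worker's only input channel
result = sum(x * x for x in data["values"])
if data.get("crash"):
    raise RuntimeError("simulated bug in the isolated library")
json.dump({"sum_squares": result}, sys.stdout)
"""


def run_isolated(values, crash=False, timeout=10.0):
    """Run the worker in its own interpreter process and exchange data over pipes.

    Returns (exit_code, result_dict_or_None). A crash in the worker cannot
    corrupt the caller's address space; it shows up only as a non-zero exit
    code (or a TimeoutExpired if the worker hangs past `timeout`).
    """
    proc = subprocess.run(
        # -I: isolated mode, ignore PYTHON* env vars and the user site-packages
        [sys.executable, "-I", "-c", WORKER_SRC],
        input=json.dumps({"values": list(values), "crash": crash}),
        capture_output=True,
        text=True,
        timeout=timeout,
    )
    if proc.returncode != 0:
        # Do not trust partial stdout from a failed worker; report the failure.
        return proc.returncode, None
    return 0, json.loads(proc.stdout)


if __name__ == "__main__":
    print(run_isolated([1.0, 2.0, 3.0, 4.0]))   # healthy worker
    print(run_isolated([1.0, 2.0], crash=True))  # worker dies, caller survives
```

The boundary here is the process: the worker gets a serialized copy of the input and can only hand back a serialized result, so a bug in it cannot touch the caller's memory. The price is exactly what the question anticipates: every exchange is a copy plus a parse, and anything that is not JSON-friendly (large arrays, file handles) needs a different channel such as shared memory or inherited descriptors, which is the kind of plumbing language-level support would make cheaper.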