@grainloom but they (we|a)re better sandboxes than OSes

Flawed though they are

@electroCutie not really, there are OSs that don't suck at sandboxing

browsers are also bad at multi-level sandboxing because you can't easily sandbox JS inside JS, so they are not even good language VMs in my view

@grainloom fair. I guess from my point of view OS sandboxes are incredibly difficult to get right. I guess that is why docker is a thing, but it is still pretty hefty and I don't know all the caveats

Browsers are sandboxes which have a very low cost of entry (costs come later)

@grainloom make it as trivial to run isolated code on any machine as browsers have done and we might see a migration back to apps

or Java again. Dunno.

