Sandboxed Mode #60
Description
Mass compiler uses JIT and theoretically allows access to any system api.
This is great for certain use cases but can limit some usages, for example as an embedded language or a config language.
Luckily since the majority of functionality is defined in ist land it should be possible to achieve sandboxing by:
- limiting exports from the compiler (no intrinsic)
- Adding a new "OS" variant
- Disallowing external library imports