> Conclusion:<p>> * Programming language implementations <i>cannot establish confidentiality</i> on today's hardware<p>> * Don't run untrusted code in the same process with secrets it could steal<p>I understand that because of this, browsers are moving towards running untrusted JavaScript code in separate processes, so that confidentiality is provided by process boundaries.<p>Does anyone know whether other applications that embed scripting languages and run untrusted code (e.g. games that embed Lua[JIT]) are also moving towards a multi-process architecture?
That's a very weird typo for language. Usually we can tell what word was meant if some letters are missing from what I understand, but for some reason this one was surprisingly bad.