Haha. Now the browser runs in the kernel. What can go wrong ?

I think it was Microsoft that saw that running graphics in kernel is a bad idea.

But, yeah, this was a very long time ago and why not make the same mistakes over and over again.

It's not a browser (or even a piece of a browser), it's a method of statically sandboxing a native binary.

WASM isn't really "native". A C/Rust/etc compiler can target it, but it's very much a non-native ISA, with its own "syscall equivalents", its own limitations, etc.

But it doesn't have to be run in a runtime; it can compile directly to a platform-native binary. Internally it has limitations, as any sandboxed code would, but it lets you take native code and compile it to a native binary with sandboxing built-in

The reason why it doesn't quite work out is that typically such a thing, AOT-compiled into native code, still carries with it its limitations and assumptions. It's technically native, but experiencing the native APIs only through a narrow peephole in the fence.

If we let this meaning of "native" take over, we're gonna need another word for actually native things.

Sometimes, that works well enough, though!