First thing that comes to mind is the approach that Jurassic javascript [1] does using .Net IL generation, run that on a .Net based OS like Singularity [2].

1. https://github.com/paulbartrum/jurassic

2. https://en.wikipedia.org/wiki/Singularity_(operating_system)

Inferno is another example of a system that did not expose the ability to dereference raw pointers to user programs: https://en.m.wikipedia.org/wiki/Inferno_(operating_system)

So just run a different JIT compiler? Also, the Jurassic name is quite funny when talking about security :D

The point is your jitting to an intermediate language thats verified and a system level jit actually turns that into machine code, you are never allowed to write machine code directly to memory and execute.

V8 basically does this internally with its bytecode, if your whole system was built on that bytecode then you can do software isolation rather than hardware.