part of the talk of Lin Clark in https://hacks.mozilla.org/2019/03/standardizing-wasi-a-webassembly-system-interface/:
It also gives us sandboxing because the host can choose which wasi-core functions to pass in — so, which system calls to allow — on a program-by-program basis. This preserves security.
she says host can choose which system calls pass to each wasm module. for example read() system call passes to module A and write() system call to module B.
is it implemented in wasmtime or lucet or other runtimes? or is it just a dream without implementation in real world?
Yes it is implemented in all runtimes implementing
wasi. The reason is that this feature is related to import/export mechanism of WebAssembly.