Here is an example sealer unsealer in js:
const makeSealerAndUnseler = (brandmark) => {
let cell = undefined;
const sealer = (specimen) => {
const box = () => {
cell = specimen;
return undefined;
};
return box;
};
const unsealer = (box) => {
try {
cell = undefined;
box();
const specimen = cell;
return specimen;
} catch (err) {
throw new Error(“unsuccessfull unsealing”);
}
};
return [sealer, unsealer];
}
as you can see, the only interception possible is of control flow when a box is called.
Such interception can be used for entering an infinit loop but that is just the same risk as calling any code untrusted by the caller. The other use is for to know when a particular box that has been proxied by an wrapping closure is being unsealed but not much beyond that.
Edited to fix a vulernability arising from me misrecalling on how this done.