diff options
| author | Kartik K. Agaram <vc@akkartik.com> | 2021-12-25 14:00:03 -0800 |
|---|---|---|
| committer | Kartik K. Agaram <vc@akkartik.com> | 2021-12-25 14:00:03 -0800 |
| commit | 399fb500f488fdadb64bed62dbee591838d8636e (patch) | |
| tree | 888a94b2a7b438b4f79bf56ea88039792f2ba970 | |
| parent | 6eecba1b5fd7be2f8d57663cd6d3de011c21465f (diff) | |
| download | teliva-399fb500f488fdadb64bed62dbee591838d8636e.tar.gz | |
more sandboxing scenarios
| -rw-r--r-- | sandboxing/README.md | 9 |
1 files changed, 9 insertions, 0 deletions
diff --git a/sandboxing/README.md b/sandboxing/README.md index ed0a9ea..ab3adf3 100644 --- a/sandboxing/README.md +++ b/sandboxing/README.md @@ -8,6 +8,15 @@ doesn't invoke any OS syscalls. ## Top down Things to secure: +* screen? Keep apps from drawing over standard Teliva UI elements. + * Teliva currently doesn't stop apps from overwriting the menu, if they're + clever. However, it always redraws its UI elements before accepting any + input from the keyboard. + +* code? There are currently no protections against .tlv files clobbering + existing definitions. I'm hoping that disallowing native code keeps this + safe. Apps can only affect themselves. + * files opened (for read/write) on file system * `io_open` * `io_lines` |