diff options
author | Kartik K. Agaram <vc@akkartik.com> | 2021-12-25 14:00:03 -0800 |
---|---|---|
committer | Kartik K. Agaram <vc@akkartik.com> | 2021-12-25 14:00:03 -0800 |
commit | 399fb500f488fdadb64bed62dbee591838d8636e (patch) | |
tree | 888a94b2a7b438b4f79bf56ea88039792f2ba970 /sandboxing | |
parent | 6eecba1b5fd7be2f8d57663cd6d3de011c21465f (diff) | |
download | teliva-399fb500f488fdadb64bed62dbee591838d8636e.tar.gz |
more sandboxing scenarios
Diffstat (limited to 'sandboxing')
-rw-r--r-- | sandboxing/README.md | 9 |
1 files changed, 9 insertions, 0 deletions
diff --git a/sandboxing/README.md b/sandboxing/README.md index ed0a9ea..ab3adf3 100644 --- a/sandboxing/README.md +++ b/sandboxing/README.md @@ -8,6 +8,15 @@ doesn't invoke any OS syscalls. ## Top down Things to secure: +* screen? Keep apps from drawing over standard Teliva UI elements. + * Teliva currently doesn't stop apps from overwriting the menu, if they're + clever. However, it always redraws its UI elements before accepting any + input from the keyboard. + +* code? There are currently no protections against .tlv files clobbering + existing definitions. I'm hoping that disallowing native code keeps this + safe. Apps can only affect themselves. + * files opened (for read/write) on file system * `io_open` * `io_lines` |