about summary refs log tree commit diff stats
path: root/sandboxing
diff options
context:
space:
mode:
authorKartik K. Agaram <vc@akkartik.com>2021-12-25 16:16:52 -0800
committerKartik K. Agaram <vc@akkartik.com>2021-12-25 16:16:52 -0800
commite4c0b0a3e7d3efb89c9b8bd4df32c80eb8a5a759 (patch)
tree3ec66e3214e98856d78bf8eea9cc63415c4b56d8 /sandboxing
parentdbbb396003a5b2e9a520754a2c4edb23a2215785 (diff)
downloadteliva-e4c0b0a3e7d3efb89c9b8bd4df32c80eb8a5a759.tar.gz
sandbox: more scenarios
Diffstat (limited to 'sandboxing')
-rw-r--r--sandboxing/README.md5
1 files changed, 5 insertions, 0 deletions
diff --git a/sandboxing/README.md b/sandboxing/README.md
index f73059c..5bc421d 100644
--- a/sandboxing/README.md
+++ b/sandboxing/README.md
@@ -36,6 +36,11 @@ Scenarios:
       - `teliva_editor_state`
       - app-specific sandboxing policies
   * (2) app can read from a remote server but not write (POST)
+  * (1) app permissions are saved across restart
+  * (1) permissions the owner grants to one app are not automatically granted
+    to another
+  * (2) downloading a second app with identical name doesn't receive its
+    predecessors permissions
   * app gains access to a remote server for a legitimate purpose, reads
     sensitive data from the local system file for legitimate purpose. Now
     there's nothing preventing it from exfiltrating the sensitive data to the