diff options
author | Kartik K. Agaram <vc@akkartik.com> | 2022-03-07 10:35:23 -0800 |
---|---|---|
committer | Kartik K. Agaram <vc@akkartik.com> | 2022-03-07 10:55:18 -0800 |
commit | 38063812b6e931740f9d9d7b4bc95429dcfb3aa6 (patch) | |
tree | 3d71c8c5dba878c99551aebbba760a4c4e0deab7 /zet.tlv | |
parent | 7a315e3d9f1c668b54d57b472b612c7f6d738ede (diff) | |
download | teliva-38063812b6e931740f9d9d7b4bc95429dcfb3aa6.tar.gz |
zet.tlv: switch file writes to new API
The interface for apps looks much nicer now, see 'main' in zet.tlv. However there are some open issues: - It can still be confusing to the computer owner that an app tries to write to some temporary file that isn't mentioned anywhere. - File renames can fail if /tmp is on a different volume. - What happens if an app overrides start_writing()? The computer owner may think they've audited the caller of start_writing and give it blanket file permissions. Teliva tunnels through start_writing when computing the caller. If the app can control what start_writing does, the app could be performing arbitrary malicious file operations. Right now things actually seem perfectly secure. Overriding start_writing has no effect. Our approach for loading .tlv files (in reverse chronological order, preventing older versions from overriding newer ones) has the accidentally _great_ property that Teliva apps can never override system definitions. So we have a new reason to put standard libraries in a .lua file: if we need to prevent apps from overriding it. This feels like something that needs an automated test, both to make sure I'm running the right experiment and to ensure I don't accidentally cause a regression in the future. I can totally imagine a future rewrite that tried a different approach than reverse-chronological.
Diffstat (limited to 'zet.tlv')
-rw-r--r-- | zet.tlv | 37 |
1 files changed, 37 insertions, 0 deletions
diff --git a/zet.tlv b/zet.tlv index e9e08cc..1963796 100644 --- a/zet.tlv +++ b/zet.tlv @@ -3593,3 +3593,40 @@ >function read_zettels(infile) > zettels = jsonf.decode(infile) >end +- __teliva_timestamp: + >Mon Mar 7 10:31:27 2022 + main: + >function main() + > init_colors() + > curses.curs_set(0) -- hide cursor except when editing + > + > -- load any saved zettels + > local infile = start_reading(nil, 'zet') + > if infile then + > read_zettels(infile) + > end + > current_zettel_id = zettels.root -- cursor + > view_settings.first_zettel = zettels.root -- start rendering here + > + > while true do + > render(Window) + > update(Window) + > + > -- save zettels + > local outfile = start_writing(nil, 'zet') + > if outfile then + > write_zettels(outfile) + > end + > -- TODO: what if io.open failed for a non-sandboxing related reason?! + > -- We could silently fail to save. + > end + >end +- __teliva_timestamp: + >Mon Mar 7 10:32:08 2022 + __teliva_note: + >switch to new file API for writing + write_zettels: + >function write_zettels(outfile) + > outfile:send(json.encode(zettels)) + > outfile:close() + >end |