about summary refs log tree commit diff stats
path: root/sandboxing/README.md
diff options
context:
space:
mode:
Diffstat (limited to 'sandboxing/README.md')
-rw-r--r--sandboxing/README.md5
1 files changed, 5 insertions, 0 deletions
diff --git a/sandboxing/README.md b/sandboxing/README.md
index f73059c..5bc421d 100644
--- a/sandboxing/README.md
+++ b/sandboxing/README.md
@@ -36,6 +36,11 @@ Scenarios:
       - `teliva_editor_state`
       - app-specific sandboxing policies
   * (2) app can read from a remote server but not write (POST)
+  * (1) app permissions are saved across restart
+  * (1) permissions the owner grants to one app are not automatically granted
+    to another
+  * (2) downloading a second app with identical name doesn't receive its
+    predecessors permissions
   * app gains access to a remote server for a legitimate purpose, reads
     sensitive data from the local system file for legitimate purpose. Now
     there's nothing preventing it from exfiltrating the sensitive data to the
generated by cgit-pink 1.4.1-2-gfad0 (git 2.36.2.497.gbbea4dcf42) at 2024-09-21 11:35:29 +0000