| Commit message (Collapse) | Author | Age | Files | Lines | |
|---|---|---|---|---|---|
| * | flesh out very preliminary UI | Kartik K. Agaram | 2021-12-25 | 3 | -19/+154 |
| | | | | | | | | Our sandboxing model is a blunt caricature, just two booleans. But let's see how far this gets us. Still doesn't persist, and definitely has no effect. | ||||
| * | fix a couple of colors | Kartik K. Agaram | 2021-12-25 | 1 | -2/+2 |
| | | |||||
| * | delete a couple more hacky function prototypes | Kartik K. Agaram | 2021-12-25 | 3 | -4/+3 |
| | | |||||
| * | sandbox: more scenarios | Kartik K. Agaram | 2021-12-25 | 1 | -0/+5 |
| | | |||||
| * | . | Kartik K. Agaram | 2021-12-25 | 1 | -2/+8 |
| | | |||||
| * | mock sandbox status and some initial colors | Kartik K. Agaram | 2021-12-25 | 2 | -1/+30 |
| | | | | | | | | | Current plan: - two booleans to gate file and network access, respectively - false shows as green, true shows as orange - if _both_ booleans are true, then both show as red to indicate that there are no protections. | ||||
| * | update all places when changing color scheme | Kartik K. Agaram | 2021-12-25 | 1 | -0/+1 |
| | | |||||
| * | fix menu colors in all color schemes | Kartik K. Agaram | 2021-12-25 | 1 | -1/+2 |
| | | | | | | | | | It looks like attron doesn't actually enable colors near 256, even though https://linux.die.net/man/3/attron suggests it does. > COLOR_PAIR values can only be OR'd with attributes if the pair > number is less than 256. | ||||
| * | sandbox: new scenario | Kartik K. Agaram | 2021-12-25 | 1 | -0/+4 |
| | | |||||
| * | more sandboxing scenarios | Kartik K. Agaram | 2021-12-25 | 1 | -0/+9 |
| | | |||||
| * | . | Kartik K. Agaram | 2021-12-25 | 1 | -4/+4 |
| | | |||||
| * | . | Kartik K. Agaram | 2021-12-25 | 1 | -1/+1 |
| | | |||||
| * | a little more reorg | Kartik K. Agaram | 2021-12-25 | 2 | -82/+87 |
| | | | | | | | | | Put stuff people messing with Teliva apps are likely to need above the C interface. The state of documentation for Teliva app creators is still quite poor. All they really have to go on is the example apps. | ||||
| * | reorg: pull Teliva-specific stuff out of lua.c | Kartik K. Agaram | 2021-12-25 | 9 | -1061/+1071 |
| | | | | | It should now be easier to diff against the Lua 5.1 sources upstream. | ||||
| * | . | Kartik K. Agaram | 2021-12-25 | 1 | -2/+2 |
| | | |||||
| * | make the case for sandboxing in the Readme | Kartik K. Agaram | 2021-12-25 | 1 | -24/+45 |
| | | |||||
| * | back to sandboxing; focus on files and sockets | Kartik K. Agaram | 2021-12-25 | 1 | -0/+2 |
| | | |||||
| * | drop stdin/stdout/stderr and Lua default files | Kartik K. Agaram | 2021-12-25 | 2 | -115/+18 |
| | | | | | | | | This isn't necessarily for sandboxing, but they don't really work right now in the presence of ncurses, and it seems better to not include broken stuff. Maybe we can get them to coexist with ncurses down the road. | ||||
| * | drop advent.tlv | Kartik K. Agaram | 2021-12-25 | 1 | -199/+0 |
| | | | | | It's not really an ideal use case for Teliva. | ||||
| * | sandbox: no popen | Kartik K. Agaram | 2021-12-25 | 4 | -58/+3 |
| | | | | | Again, too difficult to sandbox for now. | ||||
| * | tlv format for transient editor state | Kartik K. Agaram | 2021-12-25 | 2 | -18/+21 |
| | | | | | | Stop interpreting arbitrary Lua code when loading editor state. We don't need that power or security risk. | ||||
| * | sandbox: UX | Kartik K. Agaram | 2021-12-25 | 1 | -1/+3 |
| | | |||||
| * | sandbox: another scenario, some UX ideas | Kartik K. Agaram | 2021-12-25 | 1 | -0/+8 |
| | | | | | | | | | | | | | | I'd originally thought of allowing policies to be influenced by arbitrary code. But that may be overkill: - it's probably not a good idea to allow policies to read/write from file system - it's even less a good idea to allow policies to access the network - particularly since it's difficult (error-prone) to distinguish GET/POST in arbitrary protocols - once you allow file system and network, you're pretty close to owned So let's first focus on the simplest policy, the one that is easiest to secure. We'll add capabilities to policies as we gain confidence we can secure them. | ||||
| * | sandbox: record scenarios I've thought of so far | Kartik K. Agaram | 2021-12-25 | 1 | -4/+24 |
| | | |||||
| * | sandbox: no system() | Kartik K. Agaram | 2021-12-25 | 2 | -8/+5 |
| | | | | | | Too hard to sandbox. Maybe we'll get back to it if there's some use case only it can satisfy. | ||||
| * | . | Kartik K. Agaram | 2021-12-25 | 1 | -2/+2 |
| | | |||||
| * | stop futzing around and start sandboxing | Kartik K. Agaram | 2021-12-24 | 4 | -0/+937 |
| | | |||||
| * | clarify 'hardcoded colors' in the Readme | Kartik K. Agaram | 2021-12-24 | 1 | -1/+2 |
| | | |||||
| * | . | Kartik K. Agaram | 2021-12-23 | 1 | -0/+7 |
| | | |||||
| * | toot-toot: support backspace on Mac | Kartik K. Agaram | 2021-12-23 | 1 | -1/+1 |
| | | |||||
| * | toot-toot: cursor_down now handles wrapping lines | Kartik K. Agaram | 2021-12-23 | 1 | -8/+31 |
| | | |||||
| * | clean up debug prints | Kartik K. Agaram | 2021-12-23 | 1 | -9/+0 |
| | | |||||
| * | toot-toot: plug width into cursor movement | Kartik K. Agaram | 2021-12-23 | 1 | -3/+4 |
| | | |||||
| * | cleaner test message | Kartik K. Agaram | 2021-12-23 | 1 | -3/+2 |
| | | | | | Was printing over passing tests for some reason. | ||||
| * | toot-toot: reorg definitions | Kartik K. Agaram | 2021-12-23 | 1 | -209/+113 |
| | | |||||
| * | toot-toot: clean up history | Kartik K. Agaram | 2021-12-23 | 1 | -233/+60 |
| | | |||||
| * | toot-toot: cursor_up now handles wrapping lines | Kartik K. Agaram | 2021-12-23 | 1 | -6/+12 |
| | | |||||
| * | snapshot: more tests for cursor_up | Kartik K. Agaram | 2021-12-23 | 1 | -0/+208 |
| | | | | | I think this may be all the tests. Now to make them pass.. | ||||
| * | toot-toot: more elaborate cursor_up | Kartik K. Agaram | 2021-12-22 | 1 | -12/+59 |
| | | |||||
| * | toot-toot: more verbose but clearer cursor_down | Kartik K. Agaram | 2021-12-22 | 1 | -16/+44 |
| | | | | | I actually got all tests to pass on the first try. | ||||
| * | clean up my debug conlang | Kartik K. Agaram | 2021-12-22 | 1 | -6/+0 |
| | | | | | | This isn't the ideal implementation either. Pure spaghetti. But I need to clean up the debug prints to see that. | ||||
| * | toot-toot: redo cursor_down as an experiment | Kartik K. Agaram | 2021-12-22 | 1 | -9/+30 |
| | | | | | | | | I want to support cursor movement across wrapped lines, and the old implementation doesn't seem on the right track for that. Interesting that this required me to add the new symmetric test. | ||||
| * | . | Kartik K. Agaram | 2021-12-22 | 1 | -1/+1 |
| | | |||||
| * | errors during tests are now handled | Kartik K. Agaram | 2021-12-22 | 1 | -1/+8 |
| | | | | | | | | | | | | | | | | | I should have documented that I'd never actually seen that code path trigger before. Here's a minimal test that did it just now: function test_foo() return a+1 end E2: [string "test_foo"]:2: attempt to perform arithmetic on global 'a' (a nil value) A simple missing variable doesn't do it since it just evaluates to nil. Without this commit, the above test was silently continuing to the main app after failing tests. | ||||
| * | toot-toot: a few more tests | Kartik K. Agaram | 2021-12-22 | 1 | -1/+16 |
| | | | | | ..before a change in approach. | ||||
| * | . | Kartik K. Agaram | 2021-12-22 | 1 | -29/+19 |
| | | |||||
| * | more precise control over menu order | Kartik K. Agaram | 2021-12-22 | 6 | -12/+26 |
| | | | | | I can't believe I didn't notice this until now. | ||||
| * | gemini: back button | Kartik K. Agaram | 2021-12-22 | 1 | -0/+8 |
| | | |||||
| * | . | Kartik K. Agaram | 2021-12-22 | 1 | -1/+1 |
| | | |||||
| * | . | Kartik K. Agaram | 2021-12-22 | 1 | -8/+4 |
| | | |||||