about summary refs log tree commit diff stats
path: root/manual_tests
Commit message (Collapse)AuthorAgeFilesLines
* hide test app a bitKartik K. Agaram2022-03-071-0/+2
|
* question raised during FOSDEM '22Kartik K. Agaram2022-02-071-0/+2
| | | | https://fosdem.org/2022/schedule/event/lastmilesandboxing
* more thoughts on sandboxingKartik K. Agaram2022-02-051-0/+8
|
* new potential threat vectorKartik K. Agaram2022-02-011-0/+3
|
* arrow keys in big picture viewKartik K. Agaram2021-12-211-0/+1
|
* keep Teliva apps from pretending to be TelivaKartik K. Agaram2021-12-211-0/+3
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Kind of a subtle idea. Teliva the framework is intended to be trustworthy software that people install on their computers. The apps people run using Teliva may be less trustworthy. The whole point of Teliva is to provide a sandbox for running code before you trust it. One way (of many) apps can be malicious is by subtly getting between what people see and reality. Imagine, for example, an app that draws a fake menu bar and offers a different hotkey to edit source code. When someone presses that hotkey they think they're using the standard Teliva editor but they're really using an editor within the app, which the app uses to hide its most malicious bits from view. Down the road Teliva will have more bits of UI, such as for asking for permission to read sensitive data. It's important that people understand what they're granting permission to, that apps can't tamper with the communications channel between them and Teliva. This is likely just one of many ways for an app to break out of its sandbox. Teliva isn't sandboxed yet. I'm just taking my first steps on this journey. In particular, there are other mechanisms for asking for user input besides `getch()`. I don't yet have a big-picture view of the Teliva sandbox. It seems clear that I need to educate people on the difference between different parts of screen. Depending on the app you install, most of the screen may be a dark forest. It'll be important to know where the safe path is, where you can speak to trusted advisors while in the forest.
* stop leaking on the Lua stack, reduxKartik K. Agaram2021-12-161-0/+7
| | | | | An empty stack is too rigorous a line to hold. Instead we'll just ensure we leave the stack the way we found it.
* why not keep manual tests in the repo?Kartik K. Agaram2021-11-291-0/+15