teliva - Fork of Lua 5.1 to encourage end-user programming

	Commit message (Collapse)	Author	Age	Files	Lines
*	drop io.lines()	Kartik K. Agaram	2022-02-02	1	-27/+1
\| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \|	I'd already dropped the variant without a filename. But even the variant with a filename is very easy to use in a way that is confusing to use in the presence of sandboxing: * call io.lines() * Sandboxing saves an error, io.lines() returns nil * Caller (usually a loop) raises an error. * We show the error and not the sandboxing failure. * Worse, there's no way to adjust permissions from within Teliva, because we can't ever get to that menu while there's an error. Best solution I can come up with: encourage a separate step for translating filename to file handle. That way it's more obvious that we need to check for errors.
*	tweak an entry in the audit log	Kartik K. Agaram	2022-02-02	1	-1/+1
\|
*	file permissions: decide based on calling function	Kartik K. Agaram	2022-02-01	1	-2/+2
\|
*	instrument some obvious syscalls	Kartik K. Agaram	2022-01-02	1	-1/+5
\|
*	start on a view of audit events	Kartik K. Agaram	2022-01-02	1	-0/+4
\|
*	editable file permissions	Kartik K. Agaram	2022-01-02	1	-2/+2
\| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \|	Extremely cruddy implementation: - I'm still unclear on how to represent the advice function: - How to handle errors when loading user configuration? Currently I refuse to start. - Whole function? More errors to handle in header and so on. What if the function is renamed? - Just body? Needs more structured editing support. - Lots of duplication, particularly between the permissions in the menu and the permissions screen. I don't know how to show the hostname at the time of connect() or bind(), so networking is going to remain a boolean for now. It's also unclear what effective constraints we can impose on what gets discussed with a specific hostname. Everything outside the computer is out of one's control. One trick I learned is for consistently grabbing ASan logs on abort: It's always safe to redirect stderr with ncurses!
*	rename	Kartik K. Agaram	2022-01-02	1	-2/+2
\|
*	file open() is now sandboxed	Kartik K. Agaram	2021-12-25	1	-3/+14
\| \| \| \| \| \| \|	In the process we now also have a mechanism for Teliva to overlay errors while apps run. Might make sense to make that available to apps as well. But I'm starting to realize that any app access to the Teliva areas of the screen is fraught with risk.
*	drop stdin/stdout/stderr and Lua default files	Kartik K. Agaram	2021-12-25	1	-115/+13
\| \| \| \| \| \| \|	This isn't necessarily for sandboxing, but they don't really work right now in the presence of ncurses, and it seems better to not include broken stuff. Maybe we can get them to coexist with ncurses down the road.
*	sandbox: no popen	Kartik K. Agaram	2021-12-25	1	-29/+1
\| \| \| \|	Again, too difficult to sandbox for now.
*	new fork of Lua 5.1	Kartik K. Agaram	2021-10-22	1	-0/+556
	https://www.lua.org