From 917646fc9f75ab573d2b09429784dcc0940f8619 Mon Sep 17 00:00:00 2001 From: "Kartik K. Agaram" Date: Sat, 25 Dec 2021 10:52:48 -0800 Subject: sandbox: no popen Again, too difficult to sandbox for now. --- sandboxing/README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'sandboxing/README.md') diff --git a/sandboxing/README.md b/sandboxing/README.md index 341cd82..4218054 100644 --- a/sandboxing/README.md +++ b/sandboxing/README.md @@ -33,7 +33,7 @@ Scenarios: allows an app to do anything. Educate people to separate apps that read sensitive data from apps that access remote servers. - (2) solution: map phases within an app to distinct permission sets - * (3) app wants access to system() or exec() + * (3) app wants access to system() or exec() or popen() Difficulty levels 1. I have some sense of how to enforce this. -- cgit 1.4.1-2-gfad0
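Review bot: On the changed line for scenario (3), popen() is appended to the list with no reason given in the README itself; the rationale ("too difficult to sandbox for now") exists only in the commit message. Consider saying on that line what the three calls have in common: each hands control to an external program, and system() and popen() do so through the shell. The entry would then describe a class of capability rather than a list of names that may later need a fourth. The subject line says "no popen", but the visible hunk only edits documentation, so it is worth confirming that the README states where popen() is actually withheld from apps. A small style point on the same line: "system(), exec() or popen()" reads better than the chained "or".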