back to sandboxing; focus on files and sockets
This commit is contained in:
parent
1e63a579d7
commit
02d05d61c7
|
@ -9,6 +9,8 @@ doesn't invoke any OS syscalls.
|
|||
|
||||
Things to secure:
|
||||
* files opened (for read/write) on file system
|
||||
* `io_open`
|
||||
* `io_lines`
|
||||
|
||||
* destinations opened (for read/write) on network
|
||||
* `inet_tryconnect` // `socket_connect`
|
||||
|
|
Loading…
Reference in New Issue