more thoughts on sandboxing

This commit is contained in:
Kartik K. Agaram 2022-02-05 13:10:39 -08:00
parent a5cb7381a8
commit be7da76696
1 changed files with 8 additions and 0 deletions

View File

@ -27,3 +27,11 @@ program draws over menu -> getch -> Teliva menu is still visible
TODO protect sensitive teliva files (teliva_edit_buffer, etc.)
should we protect .c sources?
listing files in a directory is not worth sandboxing
since reading their contents is sandboxed
and since UNIX permissions protect system directories
rmdir() is not worth sandboxing, since it only succeeds on empty directories
no need to sandbox unlink() since it's not exposed