Re: [Gimp-developer] Fwd: Gimp Registry Future

From: Alexandre Prokoudine <alexandre prokoudine gmail com>
To: gimp-developer <gimp-developer-list gnome org>
Subject: Re: [Gimp-developer] Fwd: Gimp Registry Future
Date: Wed, 9 Apr 2014 16:51:44 +0400

On Wed, Apr 9, 2014 at 4:43 PM, Tobias Jakobs wrote:

It's a wee bit more complicated. Think of e.g. security concerns.
Sure, you can sit down and analyze the code of every submitted plugin,
but this solution is not scalable, and a scalable solution (as in
"automated check for exploits") is likely to be expensive.


But this is not a new problem. If you at the moment download anything from
the registry and install it, it could destroy your system.


Exactly. You need to 1) go, 2) find, 3) download, 4) find out, how to
install, 5) install.

Whereas the proposed system suggests taking away steps 1), 3) and 4).

The expected effect of that will be a huge increase of deployed
extensions and, as a consequence, an increased interest to GIMP from
people who write exploits. My concern is how this interest can
realistically be handled, because we shall be paying for a better
technology with an increased reputation risk.

This should not stop us from improving it.


I wasn't even implying that.

Alexandre

Follow-Ups:
- Re: [Gimp-developer] Fwd: Gimp Registry Future
  - From: Michael Schumacher

References:
- [Gimp-developer] Fwd: Gimp Registry Future
  - From: scl
- Re: [Gimp-developer] Fwd: Gimp Registry Future
  - From: SorinN
- Re: [Gimp-developer] Fwd: Gimp Registry Future
  - From: Ingo Lütkebohle
- Re: [Gimp-developer] Fwd: Gimp Registry Future
  - From: Alexandre Prokoudine
- Re: [Gimp-developer] Fwd: Gimp Registry Future
  - From: Ingo Lütkebohle
- Re: [Gimp-developer] Fwd: Gimp Registry Future
  - From: Alexandre Prokoudine
- Re: [Gimp-developer] Fwd: Gimp Registry Future
  - From: Tobias Jakobs

[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]