Re: Rise of the Plugins
- From: Andrew Sobala <aes gnome org>
- To: Martin Soto <soto informatik uni-kl de>
- Cc: desktop-devel-list gnome org
- Subject: Re: Rise of the Plugins
- Date: Fri, 18 May 2007 11:28:28 +0100
Martin Soto wrote:
An additional point that nobody has mentioned so far is security. Most
(if not all) plugin implementations already available for Gnome programs
seem to allow for installing plugins in some user-owned directory. This
means that by gaining access to the user's home directory, an attacker
will be able to install code that gets run every time the user logs in:
Yes, you can do that already. It's what the session's for.
I'm not saying there aren't security implications of plugins, but being
able to run code on login is much easier to do without bothering with them!
--
Andrew
[
Date Prev][
Date Next] [
Thread Prev][
Thread Next]
[
Thread Index]
[
Date Index]
[
Author Index]