Re: Rise of the Plugins

Hi Ross:

On Fri, 2007-05-18 at 12:00 +0100, Ross Burton wrote:
> On Fri, 2007-05-18 at 12:54 +0200, Martin Soto wrote:
> > > I'm not saying there aren't security implications of plugins, but being 
> > > able to run code on login is much easier to do without bothering with them!
> > 
> > The fact that we already have some security holes to plug doesn't mean
> > we should open new ones, though.
> If plugins are disabled by default, then the user has to activate a
> plugin explicitly.  This is less that optimal from a users point of
> view, but it would solve the security issue.

This is not what I'm suggesting. What I mean is that we should avoid
executing code directly from home directories unless we know for sure
that that's what the user wants to do. I realize this is not an easy
problem to solve, but that's no reason to ignore it. Installing new
plugins should be at least as hard as installing new software on the
system. Ubuntu systems, for example, use the standard gksudo dialog to
ask for the user password whenever new software is installed (this is
valid for updates, too.) Plugins should be subject to the same

This is also why I say that many plugins should be hidden from the end
user. For example, in a recent blog entry [1] you briefly discuss the
new plugin system in Sound Juicer. You say:

        The first two plugins I'd like to see from both feature and
        proof of concept angles are more complete CD playback controls
        (repeat and random), and downloading of album cover art.
Of course, having these as plugins may make sense to you as a developer,
but I don't see why a user wouldn't want to have them. I, for one, would
appreciate to have both of them installed (ideally on a system directory
where they can be more easily secured) and activated by default. Along
this same line, I don't see why anyone would like to disable them unless
they have very special requirements, in which case they can tweak the
program's configuration files or gconf as needed.


M. S.


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]