scripting proposal draft 3

Mark Kretschmann kretschmann at kde.org
Wed Apr 9 17:59:47 UTC 2008


On 4/9/08, Ian Monroe <ian at monroe.nu> wrote:
> On Wed, Apr 9, 2008 at 1:26 AM, Mark Kretschmann <kretschmann at kde.org> wrote:
>  >  Apart from possible sandboxing like explained above, we will simply
>  >  rely on the public auditing in the open source way, like we did with
>  >  Amarok 1. That is, we rely on the fact that malicious scripts usually
>  >  get removed rather quickly from kde-apps.org. So far there haven't been
>  >  any known malicious script attacks.
>  >
>  >  As for auditing done by Amarok developers, that's completely out of
>  >  the question. I wouldn't take responsibility for the safety of a
>  >  script in any way, and also I'm lacking the time. The same is probably
>  >  true for the other devs.
>
> I think we should transition to a system where all Amarok Scripts that
>  want to be distributed by us have to use a SVN repo. The SVN repo
>  would follow the same policies as the normal KDE repo (perhaps it
>  might even be in the KDE repo). Which is to say, it would be very
>  open. GHNS will be able to create tarballs out of SVN tags.
>
>  This would naturally introduce more scrutiny, so it would probably be
>  helpful for security. But the intention is more to make sure that
>  available scripts are of a high quality and don't turn into
>  abandonware.

Indeed, I agree with that as well. I had momentarily forgotten that we
had discussed this a while ago; thanks for the reminder.

I'm very much for forcing all public scripts to be hosted in our SVN
repo, for the reasons you stated.

-- 
Mark


