KDE-Docs.org
Jarosław Staniek
js at iidea.pl
Sun Apr 17 21:06:42 BST 2005
>>>The question is how do we deal with this, will there be some kind of
>>>possibility to review what is uploaded? This is because at least Quanta
>>>has executable resources and you don't want to download a toolbar with
>>>a script which does a "rm -fR ~"...
>>
>>That's also my concern regarding incoming Kexi scripts, possible to execute
>>as autorun... We may need to introduce a process of validation for such
>>resources. Even "only trust well known authors" policy is not safe... Maybe
>>GPG signing?
>
>
> Yes. This is a problem. We can't distribute scripts at the moment. This would
> be a security problem for the users.
>
> I can see 3 solutions:
>
> 1. A sandbox system for the scripts in the application. I think this doesn't
> exist at the moment and would be difficult to implement.

I've put a few incomplete thoughts here:
http://www.kexi-project.org/wiki/wikiview/index.php?Scripting#Security_issues

> 2. A review and approval system on KDE-Docs.org. I plan to implement this in
> the future, but I can't say how long this will take.

Valuable addition. A newly uploaded script could be marked as "not reviewed"
first, and unless it's marked as "OK", it may be impossible to download it (at
least for not-logged users?).

> 3. Hosting script on a server where only developers have access. www.kde.org
> or download.kde.org.

download.kde.org requires ftp admin's work, right?

--
regards / pozdrawiam,
Jaroslaw Staniek / OpenOffice Polska / Kexi Team
http://www.openoffice.com.pl | http://www.kexi-project.org
KDElibs/Windows: http://wiki.kde.org/tiki-index.php?page=KDElibs+for+win32