Plasma::Applet's protected methods hurt the scripting API
Richard Dale
richard.j.dale at gmail.com
Sun Jun 29 19:07:08 CEST 2008
2008/6/28 Aaron J. Seigo <aseigo at kde.org>:
> On Friday 27 June 2008, Paul Giannaros wrote:
>
>
> (btw, examining what we extend is really quite useful since it makes it
> *purposeful* rather than random; for what should be obvious reasons, when
> it
> comes to code we're going to be slinging across the network and onto user's
> desktops this isn't a bad ting
So is the purpose of the ScriptEngine api about security? If you are using
the QtRuby bindings you can do everything you can do in the Qt api and call
Qt::File, Qt::Dir methods or whatever the hell you like.
I really think the C++ based applets shouldn't be loaded directly as KDE
plugins, but should go via a ScriptEngine plugin type of indirection. That
way we could have different plasma package types, implemented as
Plasma::PackageStructures, for C++ such as 'source code', 'i386' or 'ARM'
and so on. But they would all implement the C++ api. I don't think
restricting the api in arbitrary ways, even if you call individual decisions
as 'purposeful' will help with security. If you really want to trust a C++
based plasma applet downloaded from the network, they should be signed with
a well known certificate. Similarly, ScriptEngine based applets would need
to be signed, as implementing a slightly smaller api than the C++ one,
doesn't really help.
-- Richard
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://mail.kde.org/pipermail/panel-devel/attachments/20080629/bfcfb7f8/attachment.html
More information about the Panel-devel
mailing list