Review Request: some basic plasmoid security

Aaron Seigo aseigo at kde.org
Tue Mar 3 17:28:51 CET 2009


-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
http://reviewboard.kde.org/r/209/#review347
-----------------------------------------------------------

Ship it!


so this falls under the umbrella of "cooperative security", and it's a good start. we'll need to add gpg signing and API removal (only possible in the scripted environments) to complete this. 

- Aaron


On 2009-02-28 21:20:52, Chani wrote:
> 
> -----------------------------------------------------------
> This is an automatically generated e-mail. To reply, visit:
> http://reviewboard.kde.org/r/209/
> -----------------------------------------------------------
> 
> (Updated 2009-02-28 21:20:52)
> 
> 
> Review request for Plasma.
> 
> 
> Summary
> -------
> 
> here's the beginning of some really basic security for plasmoids.
> the idea is, shells (like plasma-overlay) can specify a list of constraints in their desktop file, and then all plasmoids that require the disabled feature don't show up in the appletbrowser. also, plasmoids that would like a certain feature but don't *need* it can check isAllowed and turn it off when it's not allowed.
> I've added a single constraint (not in this patch) to plasma-overlay: FileDialog. now all plasmoids exposing a filedialog can be disabled or made safe. I've also made the comic plasmoid not offer a "save as" option when that constraint is active.
> 
> possible problems:
> -the API isn't designed for constraints changing at runtime. does anyone think that's likely to matter someday?
> -I have no idea how this will affect alien widgets (google gadgets etc). personally I'd be fine with banning those from the screensaver until proper, full security can be implemented.
> -if certain requirements aren't listed, they default to false. this means plasmoids that haven't been checked are treated as safe by default. that should probably be flipped before release. I'm also considering switching from a bunch of bools to a stringlist in the .desktop files.
> -this security relies on the applet writers to specify in the desktop file what their applet needs. this means I need to let people know how to do so, and trust them to keep their applets up to date. there are also some orphan plasmoids in svn that should be checked over before each release.
> -I still haven't made a final list of constraints. I really need to do that, and document what exactly falls under each one, so that I don't end up confusing plasmoid writers.
> 
> 
> Diffs
> -----
> 
>   trunk/KDE/kdelibs/plasma/applet.h 932484 
>   trunk/KDE/kdelibs/plasma/applet.cpp 932484 
> 
> Diff: http://reviewboard.kde.org/r/209/diff
> 
> 
> Testing
> -------
> 
> 
> Thanks,
> 
> Chani
> 
>
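
The default-value problem listed in the review request above ("if certain requirements aren't listed, they default to false"), modelled as an added example that is not part of the original e-mails or of the Plasma code. It filters an applet list against a shell's constraints under both defaults for an undeclared requirement. The `Plasmoid` struct, `MissingPolicy`, the function names and the "notes" and "orphan" entries are hypothetical; only the `FileDialog` constraint and the comic plasmoid come from the thread.

```cpp
#include <map>
#include <set>
#include <string>
#include <vector>

// Hypothetical model, not the Plasma API: the requirements a plasmoid
// declares in its .desktop file. An absent key means the author never
// stated whether the feature is needed.
struct Plasmoid {
    std::string name;
    std::map<std::string, bool> declared;  // feature -> required?
};

enum class MissingPolicy { AssumeNotRequired, AssumeRequired };

// Does the plasmoid require `feature`, given the policy for undeclared keys?
bool requiresFeature(const Plasmoid &p, const std::string &feature,
                     MissingPolicy policy) {
    auto it = p.declared.find(feature);
    if (it != p.declared.end()) return it->second;
    return policy == MissingPolicy::AssumeRequired;
}

// Names the applet browser would offer in a shell that disables `constraints`.
std::vector<std::string> visiblePlasmoids(const std::vector<Plasmoid> &all,
                                          const std::set<std::string> &constraints,
                                          MissingPolicy policy) {
    std::vector<std::string> out;
    for (const auto &p : all) {
        bool blocked = false;
        for (const auto &c : constraints)
            blocked = blocked || requiresFeature(p, c, policy);
        if (!blocked) out.push_back(p.name);
    }
    return out;
}

// Constructed sample data.
std::vector<Plasmoid> samplePlasmoids() {
    return {
        {"comic", {{"FileDialog", false}}},  // optional use, checks isAllowed
        {"notes", {{"FileDialog", true}}},   // declares that it needs it
        {"orphan", {}},                      // never checked, declares nothing
    };
}
```

With `AssumeNotRequired` (the behaviour described in the request) the unchecked "orphan" entry is still offered in a shell that disables `FileDialog`; with `AssumeRequired` it is hidden until someone declares its requirements.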


