[rkward-devel] install packages from git

Thomas Friedrichsmeier thomas.friedrichsmeier at ruhr-uni-bochum.de
Sun Dec 6 20:02:01 UTC 2015


Hi,

On Sun, 06 Dec 2015 14:17:36 +0100
meik michalke <meik.michalke at uni-duesseldorf.de> wrote:
> as for security, it sure is something to deeply care about, and
> actually this is not a new problem. in theory, rkward:// links could
> already be misused, i guess. a possible scenario could be: fill the
> plugin fields with content that, if it ended up in the generated R
> code, would rewrite it to do completely different stuff. e.g.,
> instead of calling a data object "x", call it "x)\nsystem(...)" or
> something. this could work with any plugin, unless RKWard provides
> some sort of counter measures.

as for counter measures against malicious input, that sounds like an
arms race that we cannot possibly win. The very example of offering an
easy way to install arbitrary packages, easily, is a bottomless pit in
itself.
 
> a first one could be a warning message before the actual dialog is
> opened, but that would only make sense if RKWard can detect whether
> it was called from its own run-again links (where the warning would
> be annoying) or from outside.

Yes. Emphasizing the fact that we can't vouch for external links seems
pretty much the only way out, as far as I can see. Where rkward://
links are application-external, they go through "rkward protocol", so
there we could add a command-line option to "flag" the request as
external (or reuse the "reuse" option for this).

> that's where it's added at the moment (called "install from git"). my
> feeling was, it should actually be part of the package installation
> dialog, but i wouldn't add another tab to it. how about having a
> "install from git" button as part of the package install tab? that
> wouldn't be too prominent, but at the same time where it would look
> for something like that at first.

Ok, so the plugin would actually be hidden (as far as defined in the
.pluginmap), but it would be accessible from a button in the package
management dialog. Sounds doable.

Both this, and adding the above warning message will have to wait for
post-0.6.4, though. But if you like, you could go ahead and add
the plugin to master (I'd suggest embedded.pluginmap, for want of a
better alternative), already. Then I'll look into that button.

Regards
Thomas
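The injection scenario discussed in this thread, as an added example that is not part of the message or of RKWard's own code: a minimal JavaScript model of a plugin's R code generator (RKWard plugins generate their R code from JavaScript), with a naive variant that interpolates the field value verbatim and a hardened variant that only accepts a syntactic R name. All function names are hypothetical.

```javascript
// Added example, not RKWard's code: a plugin field value (the data
// object name) is inserted into generated R source. The naive generator
// emits it verbatim; the hardened one refuses anything that is not a
// plain R identifier, so the dialog reports an error instead of
// producing code it did not intend.

// Syntactic R names: a letter, or a dot not followed by a digit, then
// letters, digits, dots and underscores.
const R_NAME = /^(?:[A-Za-z]|\.(?![0-9]))[A-Za-z0-9._]*$/;

// Reserved words parse as syntax, not as a symbol, so reject them too.
const R_RESERVED = new Set([
  "if", "else", "repeat", "while", "function", "for", "next", "break",
  "in", "TRUE", "FALSE", "NULL", "Inf", "NaN", "NA", "NA_integer_",
  "NA_real_", "NA_character_",
]);

function isSafeRName(value) {
  return typeof value === "string" && R_NAME.test(value) && !R_RESERVED.has(value);
}

// Naive generator (hypothetical): a value such as "x)\nsystem(...)" from
// the thread closes the intended statement and starts a new one on the
// following line of the generated script.
function naiveGenerate(objName, dataExpr) {
  return `${objName} <- ${dataExpr}\n`;
}

// Hardened generator (hypothetical): validate before emitting anything.
function safeGenerate(objName, dataExpr) {
  if (!isSafeRName(objName)) {
    throw new Error(`invalid object name: ${JSON.stringify(objName)}`);
  }
  return `${objName} <- ${dataExpr}\n`;
}

// Whole-dialog check: names of fields whose values must not be used as
// identifiers. An empty result means code generation may proceed.
function rejectedNameFields(fields) {
  return Object.keys(fields).filter((key) => !isSafeRName(fields[key]));
}
```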