Fletch;249921 Wrote: > Interesting. Since you're an experienced plugin author, maybe you can > answer this: With the current plugin API, is it even possible to > intentionally write a plugin that writes or deletes stuff in the music > folder? I hope not.
A plugin is just some perl code, so you can pretty much do anything you want. So unless the file access is restricted in some way by the OS there is no problem to delete a file. I don't think there is a delete operation available in the plugin api though, so you would have to use the standard perl functions to do this. On Windows where many users run SC on an account with administrator privileges it would probably be possible to format the whole disc. So intentionally everything is possible, but I think the risk that someone would do it unintentionally is probably pretty small. I think the biggest risk is probably that the plugin author doesn't realize that he opens a security hole and someone decides to make his SC instance available on the internet. Opening security holes in plugins are probably pretty usual considering the fact that many plugin developers haven't developed in perl before they wrote their first SC plugin. This is one reason why I never would make my SC available on internet with a third party plugin installed (including my own plugins). -- erland Erland Isaksson 'My homepage' (http://erland.homeip.net) 'My download page' (http://erland.homeip.net/download) (Developer of 'TrackStat, SQLPlayList, DynamicPlayList, Custom Browse, Custom Scan, Custom Skip, Multi Library and Database Query plugins' (http://wiki.erland.homeip.net/index.php/Category:SlimServer)) ------------------------------------------------------------------------ erland's Profile: http://forums.slimdevices.com/member.php?userid=3124 View this thread: http://forums.slimdevices.com/showthread.php?t=40818 _______________________________________________ beta mailing list [email protected] http://lists.slimdevices.com/lists/listinfo/beta
