I don't understand why such a bundle-loading mechanism is considered a
security hole. IMO, the proper response to security concerns is to
sandbox untrusted code; of course, that's outside the scope of GNUstep.
More generally, a generic mechanism for loading additional modules at
runtime, such as this one, allows developers to extend a platform in
ways that the platform's creators or maintainers didn't foresee. It's
worth noting that GTK+ has the GTK_MODULES variable for loading extra
modules at startup. Back in the GTK 1.x days, that mechanism was used
to develop a prototype screen reader for GTK, before there was a proper
accessibility API. More recently, I've seen that the Openmoko project
has a module called libgtkstylus that's loaded through that same
variable. Anyway, I would strongly discourage removing a simple feature
that increases the extensibility of GNUstep. But maybe I just don't
understand the security risk.
Matt
_______________________________________________
Discuss-gnustep mailing list
[email protected]
http://lists.gnu.org/mailman/listinfo/discuss-gnustep
