https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=20340
--- Comment #56 from David Cook <dc...@prosentient.com.au> --- (In reply to Martin Renvoize from comment #51) > (In reply to Fridolin SOMERS from comment #50) > > > have a granular set of permissions on the server > > What about adding to koha-conf.xml a boolean to allow or not uploading > > plugins ? > > If not allowed only system admin can add plugins. > > > > My 2c > > You can already enable and disable plugins entirely from koha-conf can't > you.. I was thinking more having classifactions of plugins so you could > allow a whitelist of supported ones for example.. or say.. all cataloguing > plugins but not auth plugins. > > I like the idea of a whitelist. I think Fridolin was talking about leaving plugins enabled, but disabling the ability to upload via the Web UI. I've thought about doing this myself. A whitelist could be interesting. I also liked your mention earlier about signed plugins. One way of whitelisting could be to only allow plugins signed by keys you trust. I mean... that's how a lot of software installers already work, right? -- You are receiving this mail because: You are watching all bug changes. _______________________________________________ Koha-bugs mailing list Koha-bugs@lists.koha-community.org http://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-bugs website : http://www.koha-community.org/ git : http://git.koha-community.org/ bugs : http://bugs.koha-community.org/