https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=23890
Bug ID: 23890
Summary: Plugins that utilise possibly security breaching hooks
should warn
Change sponsored?: ---
Product: Koha
Version: master
Hardware: All
OS: All
Status: NEW
Severity: enhancement
Priority: P5 - low
Component: Tools
Assignee: [email protected]
Reporter: [email protected]
QA Contact: [email protected]
Bug 22706 introduces a hook for plugins which would allow plugin authors to
nefariously steal user credentials.
We should implement a whitelist/blacklist approach for plugin hooks such that
the end-user is warned about such possible issue upon plugin installation.
Perhaps we should even implement something akin to access permissions as found
on the android app store where you can grant specific rights to a plugin upon
it first asking for said capability.
--
You are receiving this mail because:
You are the assignee for the bug.
You are watching all bug changes.
_______________________________________________
Koha-bugs mailing list
[email protected]
https://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-bugs
website : http://www.koha-community.org/
git : http://git.koha-community.org/
bugs : http://bugs.koha-community.org/
