- Yes, I was assuming too that updates will be posted either by trusted 
coders or through pull requests from people not in the dev team.

- Agree, a new file might be in order for those extra commands

Say we make a new file that will include commands that will be loaded when 
Leo loads.

Why don't we force all the @command nodes in that file to have this body:

"
def my_new_command():
    @others
my_new_command()
"
This is easy to check by the module that loads such a file, and it guarantees 
those commands will only be executed when called. (Unless there is a way to 
escape a function from within and run commands globally...)

- Their subtree will contain the code.
- Such code will only run when the @command is called.
- Only @command nodes allowed (no @script, etc)
- @command names must start with same prefix, for the user to know about it 
"uc-" or whatever you decide.
- Possibly, a "@bool" setting in leosettings would allow those commands to 
be loaded or not, so we make sure the user knows what the prefix means 
before having access to the "uc" commands.

So even if some malicious code is updated, there are many things not to be 
noticed before it actually gets anywhere.

Brainstorming here, forgive my ignorance in Python security hehe.

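The check proposed in the message above, sketched as an added example (not part of the original message and not Leo's own code). It assumes nodes are available as (headline, body) string pairs and that the prefix is "uc-"; the function names are hypothetical. It validates only the @command node's own body, since the subtree is what @others pulls inside the function.

```python
import re

PREFIX = "uc-"  # assumed prefix; the message leaves the exact choice open

def check_command_node(headline, body):
    """Return a list of problems; an empty list means the node is acceptable."""
    problems = []
    m = re.fullmatch(r"@command\s+(\S+)", headline.strip())
    if not m:
        return ["headline is not an @command node"]
    if not m.group(1).startswith(PREFIX):
        problems.append("command name lacks the %r prefix" % PREFIX)
    # Exactly three non-blank lines: no decorators, imports or extra statements.
    lines = [ln.rstrip() for ln in body.splitlines() if ln.strip()]
    if len(lines) != 3:
        return problems + ["body must be exactly: def, @others, call"]
    # An empty parameter list also rules out default-argument expressions,
    # which Python evaluates when the def statement itself runs.
    d = re.fullmatch(r"def ([A-Za-z_]\w*)\(\):", lines[0])
    if not d:
        problems.append("first line must be a plain 'def name():' at column 0")
    if not re.fullmatch(r"[ \t]+@others", lines[1]):
        problems.append("second line must be an indented @others")
    if d and lines[2] != d.group(1) + "()":
        problems.append("last line must call the function just defined")
    return problems

def loadable_commands(nodes, enabled):
    """Names of commands that may be registered; none if the @bool setting is off."""
    if not enabled:
        return []
    return [h.split()[1] for h, b in nodes if not check_command_node(h, b)]

# Constructed sample nodes, not taken from any real Leo outline.
GOOD = "def my_new_command():\n    @others\nmy_new_command()\n"
SAMPLE_NODES = [
    ("@command uc-hello", GOOD),
    ("@command hello", GOOD),                    # missing prefix
    ("@script uc-run", GOOD),                    # wrong node type
    ("@command uc-top", "import os\n" + GOOD),   # statement outside the function
    ("@command uc-other", "def a():\n    @others\nb()\n"),  # calls another name
]

if __name__ == "__main__":
    for headline, body in SAMPLE_NODES:
        print(headline, "->", check_command_node(headline, body) or "ok")
    print(loadable_commands(SAMPLE_NODES, enabled=True))
```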