On 07/10/2018 06:15 AM, shiva reddy wrote: > I don't think so. Since all plugins goes through approval mechanism, I > think it is not unsafe. Rather increase the plugin user base. > Even if we want to not allow this .In that case, We should have > mechanism by which QGIS itself does installation of external > dependencies based on approved plugin's metadata. > It will ease the life of plugin developers for sure. > > Shiva
> Just taking a step back here -- is this something we actually want to > support/allow in plugins? > > Seems to me like it opens the door for all sorts of security issues. > > Nyall @shiva: the 'approval mechanism' is done by humans, and a lot of work, as there are a lot of dev releasing small changes of their plugins... So I would not count on that for security. We have been talking about running some (security) rules over the plugin sources before approval, but... nobody implemented it yet. @nyall: as I said earlier in this thread, we have been talking about adding the pip-command in the metadata.txt. That is better, yes? I agree with you, Shiva's way has some security issues, but I was thinking that we could do a grep on the sources of a plugin automatically, to search for the subprocess line, and check if something else then pip is called? It IS a friendly way of installing (well, as we keep it in user space...). If we could make it being installed in a QGIS Virtual Env or even in a venv per plugin that would be safer? Others? Regards, Richard Duivenvoorde _______________________________________________ QGIS-Developer mailing list [email protected] List info: https://lists.osgeo.org/mailman/listinfo/qgis-developer Unsubscribe: https://lists.osgeo.org/mailman/listinfo/qgis-developer
