Hi, On Sun, 06 Dec 2015 14:17:36 +0100 meik michalke <[email protected]> wrote: > as for security, it sure is something to deeply care about, and > actually this is not a new problem. in theory, rkward:// links could > already be misused, i guess. a possible scenario could be: fill the > plugin fields with content that, if it ended up in the generated R > code, would rewrite it to do completely different stuff. e.g., > instead of calling an data object "x", call it "x)\nsystem(...)" or > something. this could work with any plugin, unless RKWard provides > some sort of counter measures.
as for counter measures against malicious input, that sounds like an arms race that we cannot possibly win. The very example of offering an easy way to install arbitrary packages, easily, is a bottomless pit in itself. > a first one could be a warning message before the actual dialog is > opened, but that would only make sense if RKWard can detect whether > it was called from its own run-again links (where the warning would > be annoying) or from outside. Yes. Emphasizing the fact that we can't vouch for external links seems pretty much the only way out, as far as I can see. Where rkward:/ links are application-external, they go through "rkward protocol", so there we could add a command-line option to "flag" the request as external (or reuse the "reuse" option for this). > that't where it's added at the moment (called "install from git"). my > feeling was, it should actually be part of the package installation > dialog, but i wouldn't add another tab to it. how about having a > "install from git" button as part of the package install tab? that > wouldn't be too prominent, but at the same time where it would look > for something like that at first. Ok, so the plugin would actually be hidden (as far as defined in the .pluginmap), but it would be accessible from a button in the package management dialog. Sounds doable. Both this, and adding the above warning message will have to wait for post-0.6.4, though. But if you like, you could go ahead and add the plugin to master (I'd suggest embedded.pluginmap, for want of a better alternative), already. Then I'll look into that button. Regards Thomas
pgpqvCJtjcmdx.pgp
Description: OpenPGP digital signature
_______________________________________________ rkward-devel mailing list [email protected] https://mail.kde.org/mailman/listinfo/rkward-devel
