On Wed, 2010-03-17 at 14:24 -0400, Karl Fogel wrote: > > >As for plugins, there should be no grey area. What I said before > >remains true: ~jrandom/.bazaar/plugins should remain unwriteable by > >jrandom. > > I'm not actually sure of this part -- meant to strike it from my > reply. > (That's what I get for finishing an email after a phone call when I > started it before the phone call!) > > I'll have a better answer about plugins after studying more.
There isn't, not without disabling all plugins, which will prevent system wide ones being usable. I see you've proposed a no-plugins patch to turn bzr+ssh back on; I think thats a good first step, but it has two problems: - you haven't guarded against the user setting BZR_PLUGINS_PATH, or the new variable vincent has just added (this won't affect savannah today, but future proofing is good). - we shouldn't stop here ;) -Rob
signature.asc
Description: This is a digitally signed message part