Interesting, I may make a version that requests an app folder instead. :) <https://www.avast.com/sig-email?utm_medium=email&utm_source=link&utm_campaign=sig-email&utm_content=webmail&utm_term=icon> Virus-free. www.avast.com <https://www.avast.com/sig-email?utm_medium=email&utm_source=link&utm_campaign=sig-email&utm_content=webmail&utm_term=link> <#DAB4FAD8-2DD7-40BB-A1B8-4E2AA1F9FDF2>
On Sat, Mar 18, 2017 at 5:28 AM, Dragon Cotterill < [email protected]> wrote: > > > On Thursday, 16 March 2017 20:06:45 UTC, Arlen Beiler wrote: >> >> >> If anyone else would like to host their cloud connecting app on this >> site, let me know and I will setup a repository for you. I'm also going to >> add Jeremy as an admin to the organization. >> >> > As somebody who deals with security issues everyday, I'm going to say > "No", and here's why. > > The permissions you've set for you app requests unrestricted access to the > user's Dropbox account. Which means that your system can access any file, > in any directory. Whilst many people think that this only allows the user > to trigger the interactions, selecting the necessary files as they wish, it > does not restrict your API calls from perform additional requests at the > same time. You may be honourable in your intentions and it's a good system, > but there is the potential for abuse. > > Now if the system was to only request the App Folder permission then this > would be a lot better. The DB API system would prevent unwarranted > intrusion and permit access to be restricted to files just within that > folder. > > -- > You received this message because you are subscribed to the Google Groups > "TiddlyWiki" group. > To unsubscribe from this group and stop receiving emails from it, send an > email to [email protected]. > To post to this group, send email to [email protected]. > Visit this group at https://groups.google.com/group/tiddlywiki. > To view this discussion on the web visit https://groups.google.com/d/ > msgid/tiddlywiki/ac45370d-780a-4d98-b4ab-e118e0fa495b%40googlegroups.com > <https://groups.google.com/d/msgid/tiddlywiki/ac45370d-780a-4d98-b4ab-e118e0fa495b%40googlegroups.com?utm_medium=email&utm_source=footer> > . > > For more options, visit https://groups.google.com/d/optout. > -- You received this message because you are subscribed to the Google Groups "TiddlyWiki" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To post to this group, send email to [email protected]. Visit this group at https://groups.google.com/group/tiddlywiki. To view this discussion on the web visit https://groups.google.com/d/msgid/tiddlywiki/CAJ1vdSQvyqtPk%3Dk2kBwutwo77O0iLDenhMCnGtjAfTECSZ_X1g%40mail.gmail.com. For more options, visit https://groups.google.com/d/optout.
