Dr. Michael Gerz wrote:
Hello,are there any security mechanisms within trac (or python) to make sure that a trac plugin does not compromise the whole trac server? Are there any restrictions on the execution of trac plugins?
Nope, nor is such thing possible. Python currently has no systems for restricted execution. Several have been looked at, but they are to be considered academic exercises at best. All plugins execute in the same memory space as trac itself, and therefore can do anything it can. In practical terms this means that plugins are programs operating with the permissions of your web server.
--Noah
signature.asc
Description: OpenPGP digital signature
