[Koha-bugs] [Bug 7804] Add Koha Plugin System

bugzilla-daemon at bugs.koha-community.org bugzilla-daemon at bugs.koha-community.org
Mon May 21 22:42:17 CEST 2012


http://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=7804

Chris Cormack <chris at bigballofwax.co.nz> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
                 CC|                            |chris at bigballofwax.co.nz

--- Comment #23 from Chris Cormack <chris at bigballofwax.co.nz> ---
(In reply to comment #22)
> (In reply to comment #21)
> > I've done some more thinking about the security implications of the plugin
> > system. I think the following are required for this to be sufficiently
> > secure for use:
> > * Both a syspref *and* a configuration setting in koha-conf.xml should be
> > required to enable plugins, and both should be disabled by default.
> > * Even when plugins are enabled, a separate koha-conf.xml configuration
> > setting should be required to enable upload from the staff client.
> > * The plugins should be loaded with Module::Load::Conditional, and each type
> > of plugin (Tools, Reports, etc.) should use a different interface. e.g.
> > Koha::Plugin::Foobar->run_report() and Koha::Plugin::Foobar->run_tool()
> > * The plugin host should enable mandatory taint checking.
> > * Under no circumstances should the plugin feature add a +Exec directory.
> 
> I can understand the configuration setting requirements. However, I cannot
> understand how to use Module::Load::Conditional, even after looking at the
> example patch you pointed me to. I don't feel it is quite fair to require
> the use of a poorly documented perl module. Can you please justify these
> requirements?

You have read
http://search.cpan.org/dist/Module-Load-Conditional/lib/Module/Load/Conditional.pm
eh? I don't find it particularly badly documented. And it is part of Perl core,
so is not a new dependency.

Module::Load::Conditional is but one way of solving loading modules on the
fly. I am sure you understand why a +Exec directory is a bad idea, and why
using taint is a good one. As well, being off by default and unable to be
turned on via the web is a good one.
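As an added illustration (not code from the bug, from Koha, or from either commenter), the sketch below shows how a plugin host could apply the requirements quoted above: two independent off-by-default switches, a separate per-type interface so a report plugin is only ever called as a report, taint mode so an attacker-influenced package name cannot reach `require`, and Module::Load::Conditional so a missing or broken plugin is reported rather than executed from some arbitrary directory. The package namespace `Koha::Plugin::*`, the method names `run_report`/`run_tool`, and the configuration keys are assumptions made for this example.

```perl
#!/usr/bin/perl -T
# Illustrative plugin host (not Koha's own code). Runs under -T so that any
# tainted string reaching require() dies instead of loading a module.
use strict;
use warnings;
use Module::Load::Conditional qw(can_load check_install);

# Two independent switches, both off by default, both required. In a real
# deployment one would come from koha-conf.xml and one from the syspref
# table; here they are constructed values for the example.
my %config = (
    enable_plugins       => 0,   # assumed koha-conf.xml key
    enable_plugin_upload => 0,   # separate assumed key; upload stays off
);
my $syspref_plugins_enabled = 0; # assumed system preference

# One interface per plugin type: the host calls only the method for the
# type it asked for, so a "report" plugin is never invoked as a tool.
my %interface_for = (
    report => 'run_report',
    tool   => 'run_tool',
);

sub plugins_allowed {
    return $config{enable_plugins} && $syspref_plugins_enabled;
}

# Accept only a package name built from identifier characters under the
# assumed Koha::Plugin:: namespace. The regex capture also untaints the
# value, which is the only way it may reach require() under -T.
sub untaint_package_name {
    my ($name) = @_;
    return undef unless defined $name;
    return $name =~ /\A(Koha::Plugin::[A-Za-z0-9_]+(?:::[A-Za-z0-9_]+)*)\z/
        ? $1
        : undef;
}

sub load_plugin {
    my ( $type, $requested ) = @_;
    die "plugins are disabled\n" unless plugins_allowed();

    my $method = $interface_for{$type}
        or die "unknown plugin type '$type'\n";
    my $package = untaint_package_name($requested)
        or die "refusing to load an unexpected package name\n";

    # check_install searches @INC without executing anything; can_load then
    # loads the module and returns false (setting $ERROR) instead of dying.
    check_install( module => $package )
        or die "plugin $package is not installed\n";
    can_load( modules => { $package => undef } )
        or die "could not load $package: $Module::Load::Conditional::ERROR\n";

    # The plugin must implement the interface for its type; nothing else
    # about it is trusted, and only that one method is ever called.
    $package->can($method)
        or die "$package does not implement $method\n";

    return sub { $package->$method(@_) };
}

# Usage (with both switches still at their default of 0 this dies with
# "plugins are disabled", which is the intended default behaviour):
#   my $run = load_plugin( 'report', 'Koha::Plugin::Example' );
#   my $result = $run->( %report_params );
```

Note that the upload switch is checked nowhere in the loader on purpose: uploading a plugin and loading an installed one are separate decisions, and a host that keeps them on separate keys can leave upload disabled even on an installation where plugins run.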
