[Koha-bugs] [Bug 23890] Plugins that utilise possibly security breaching hooks should warn
bugzilla-daemon at bugs.koha-community.org
bugzilla-daemon at bugs.koha-community.org
Wed Oct 30 07:57:57 CET 2019
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=23890
--- Comment #7 from Martin Renvoize <martin.renvoize at ptfs-europe.com> ---
I envisage somewhat of a mix of the two.. keys administered by system
administrators via the command line and searchable repositories via the UI for
end users. That combination should allow us to have vendor trusted plugins that
are whitelisted at the serverside level but open up the searchability and
intallability options to the end users.
I did like the idea of a centralised plugin directory allowing for reviews of
plugins and ease of discovery and have had that side of things in mind for a
while.. but again, that could utilise a similar philosophy of searching git
hosting for plugins that match a certain criteria.
--
You are receiving this mail because:
You are watching all bug changes.
More information about the Koha-bugs
mailing list