Developer forums (C::B DEVELOPMENT STRICTLY!) > Plugins development

How to execute console commands from wizard?

<< < (3/3)

workwind:

--- Quote from: thomas on October 23, 2006, 09:08:50 am ---While it is true that a plugin could do all of that (and more) too, it is a much more obvious threat. Every user is probably aware of this possibility, and can decide whether or not to take that risk (or could read the sources and recompile the plugin from source).
It is true, too, that I can always ship a makefile that contains a rm /* or some other evil stuff. However, one thing being insecure does not justify making another thing insecure, too (actually I am thinking right now whether it may be a good idea to allow turning off custom makefiles entirely, since most people don't use them anyway).
dering... sounds like IE's standard mode of operation ;)

--- End quote ---
Then you also have to drop support for building executables within Code::Blocks ;-)
The evil script just adds the file evil.cpp, builds the executable and executes it! There is no possibility to make a developement environment worm and virus save, because they are also programms. Every afford in this area will block other users who depend on these features to build their code. I need custom Makefiles, because I use Code::Blocks to build the code for an Atmel AVR microcontroller with my own, custom Makefile.

--- Quote ---
--- Quote ---If a user downloads an evil script from an evil website, is it our responsibility to stop that script from doing harm?
--- End quote ---
Do you work for Microsoft?  :lol:
Just wondering... sounds like IE's standard mode of operation ;)

--- End quote ---
Linux does not stop you from doing everything possible from within a Makefile or the autoconf environment - is there any virus or worm distributing by Makefile or through autoconfig? You may even download bash scripts, running much better under Linux then under Windows ;-)

Navigation

[0] Message Index

[*] Previous page