incubator-callback-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Joe Bowser (JIRA)" <j...@apache.org>
Subject [jira] [Created] (CB-1113) Add Verification to Proposed PluginSpec
Date Tue, 24 Jul 2012 17:03:36 GMT
Joe Bowser created CB-1113:
------------------------------

             Summary: Add Verification to Proposed PluginSpec
                 Key: CB-1113
                 URL: https://issues.apache.org/jira/browse/CB-1113
             Project: Apache Cordova
          Issue Type: Bug
          Components: Android, Bada, BlackBerry, iOS, webOS, WP7
            Reporter: Joe Bowser
            Assignee: Joe Bowser
            Priority: Critical


Here's a major problem with plugins.  Right now we have no way to specify to our users which
plugins work and which plugins are harmful.  We have CB-1062 which could be a very powerful
feature, but I'm not going to turn it on because we could change how plugins work with this
feature so that data is stolen.

We need to have some verification mechanism so that we can prevent a malicious plugin from
being used by an unsuspecting user.  I know that they could read the Java code, but given
that our users don't read Obj-C or Java code, this could really hurt them badly.

--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira

        

Mime
View raw message