Plugin Security
-
What is the possibility of a malicious plugin being created? I know plugins have access to your hard drive and network, but to what degree? Could a plugin wipe out your hard drive or send private information over the network?
There is in reality a very, very small chance of a malicious plugin going un-detected. But still, the risk is not zero.
(split from this topic: http://www.sketchucation.com/forums/scf/viewtopic.php?f=180&t=10709)
-
This is true Jim, and has been since day 1. But that's not the topic.
The bottom line is know your source for ruby scripts. If in doubt, don't download or run.
-
@unknownuser said:
This is true Jim, and has been since day 1. But that's not the topic.
The bottom line is know your source for ruby scripts. If in doubt, don't download or run.
And we're just now getting around to informing everyone else? Shame on us. It might be a good idea to inform everyone else, and then create some common-sense guidelines.
-
No, we're not just getting around to informing everyone else. I could find some links to posts made in July 2004 about the same exact topic.
Ruby scripts, just like ANY OTHER PROGRAM you download or create yourself, have the potential for being malicious.
I don't consider it my duty to tell all of Google's SketchUp users that some dingbat might get their rocks off on writing a malicious program that interfaces with SketchUp.
-
Let me clear up a remark I made at the top of this thread, and even my followup posts.
When I said "that is not the topic", I thought I was posting to Lewis's thread about a Ruby vulnerability that applies to people who use Ruby on a server for websites.
However, this thread, your topic, certainly applies, and yes, you can do just about anything you want with Ruby.
Advertisement