Plugins folder permissions and PC secruity

samyell77

Hi all,
Our IT security settings have been changed recently at work and our security and permissions settings have been removed meaning we can't download and install files onto our PC's. While I totally understand the need for PC security Im struggling to get the IT department to understand why I need read and write permissions to the plugins folder. Im being told that Im not allowed to read / write to any system folder and that I need to ask for someone to come and grant me access to the plugins folder every time I want to install an new plugin which isn't really practical. Ive been told to download ALL the plugins and then just turn off the ones I don't need - after I explained that there were thousands of them and that there are updates to existing plugins and brand new plugins being written daily I said I'd go away and see if there is any other way around it.

Im hoping that I can just get access to read and write to this folder as per TIGs post on this thread:
http://sketchucation.com/forums/viewtopic.php?f=323&t=54054
Ive read that if I run Sketchup as admin
http://sketchucation.com/forums/viewtopic.php?f=15&t=52462&start=30
I will have read / write permissions but not sure again if my IT department will see this as a security threat.

Has anyone come up against this and solved it either by managing to convince IT departments that its not a threat or by making SU load plugins from a 'non system' folder ie. putting a plugins folder in 'my documents' or similar where I do have permissions. I found this thread detailing how to do this on SU8 but it sounds like there are issues with some plugins that have to be in the actual plugins folder.
http://sketchucation.com/forums/viewtopic.php?f=323&t=35877

I really just want to be able to use SU in the way I always have so am looking for either:

1. a simple low tech solution that won't worry the IT department and raise concerns about a security issue1. some convincing advice or info that explains why having read and write permissions for the plugins folder is not a security threat

Any help greatly appreciated as always...

TIG

Restricted permissions to the central Plugins folder are common in larger networked organizations and educational establishments where IT guys are worried you'll accidentally do something bad...
You can have your own custom-plugins folder.
Get Fredo's Additional Folders plugin...
You need to convince your IT guys to install that plugin in the main Plugins folder, so that it auto-loads at startup.
By using it you can then setup your own personal Plugins folder - perhaps in an AppData 'Roaming' location so it works across the network and is available at your login on any PC?
You need to agree a common location for all users to aid IT management later...
That way you can have control over the plugins each user has auto-loading...
The SketchUcation Plugins Manager and the AutoInstaller will spot that your $LOAD_PATH has a custom-folder - and possibly that the main Plugins folder is not accessible... then offer you the choice to install into that location...

If there's a central set of common plugins, then these can either be kept in the main Plugins folder and kept up to date by the IT gang, or the IT guys can 'robocopy' sets of plugin files/subfolders from a central repository into each users personal folder - which they can also manage themselves...

Future PC versions of SketchUp will hopefully follow the MAC route and have the main user's Plugins folder in a readily accessible location... This will avoid this issue... but until then Fredo + SCF toolset offers personal plugin management and installation...

Your IT guys are on a sticky wicket if they want to control ALL plugins use, because you can download a plugin to any folder you have full rights to, the in the Ruby Console just type:
Sketchup::load("full_path_to_loader_rb")
[or RBS file although you can never be sure what they are doing because they are encrypted...]
that then loads the script's code/tool[s] into that SketchUp session...
Obviously it is unwise to install ANY script you don't trust, because Ruby code can access some parts of your system and then change things ! But this is inevitable with any setup that allows plugins...
Without plugins Sketchup [and many other apps] are impotent...

samyell77

Thank you TIG - this is just the kind of info I was after. I'll print this out and sit back down with the IT guys on Monday and see what we can come up with.

@tig said:

Your IT guys are on a sticky wicket if they want to control ALL plugins use, because you can download a plugin to any folder you have full rights to

We don't have permissions to anything other than our user folders (my docs ect) and we only download .rb and .rbs files from sketucation / smustard that have reviews and credible history but yes I get what you are saying. As I said I fully understand the need for PC security, just want an easy workaround (which you have provided) that enables me make full use of the flexibility and power that plugins provide in SU. Hopefully this will be ok with our IT guys.
Thanks again for the speedy response - as always much appreciated....