Skip to main content
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] [List Home]
Re: [ease-dev] GSoC Signing Scripts
Hi Christian,

I have updated the patch for script verification.
See https://git.eclipse.org/r/#/c/79396/3 and comments.

Thanks,

On Sun, Aug 21, 2016 at 2:20 AM Christian Pontesegger <christian.pontesegger@xxxxxx> wrote:
Just added a patch that allows to register arbitrary security checks
before any script execution [1]. Hope that helps you to implement your task.

[1] https://git.eclipse.org/r/#/c/79399/


On 08/20/2016 09:54 PM, Christian Pontesegger wrote:
> Hi Varun,
>
> signature check belongs to the engine directly. I guess we discussed
> that topic already some weeks ago. Think of a main script that is
> correctly signed. When you check that in the launcher you might think
> everything is fine. Now that script includes a second source that
> contains unsigned code. It would load and execute it without checking
> and without informing the user.
>
> User popups would be something that needs to be registered to the
> engine directly which then could run the callback in case of a
> problem. These things are not in place so far and I really doubt that
> they will be until pencils down by tomorrow.
>
> Regarding your UI problem I would always use a treeviewer over a plain
> tree. However this is not a pressing topic anymore so we might skip it
> entirely.
>
> Christian

_______________________________________________
ease-dev mailing list
ease-dev@xxxxxxxxxxx
To change your delivery options, retrieve your password, or unsubscribe from this list, visit
https://dev.eclipse.org/mailman/listinfo/ease-dev
--
Varun Raval

Back to the top