Security/ProcessIsolation/ThreatModel: Difference between revisions

Line 113: Line 113:
Plugins are not planned to be sandboxed yet, since they require their own broker architecture, mostly due to challenges around:
Plugins are not planned to be sandboxed yet, since they require their own broker architecture, mostly due to challenges around:


- filesystem access (file uploads, downloads, media playback)
* filesystem access (file uploads, downloads, media playback)
- auto-update
* auto-update
- potentially registry and network access (binary sockets, etc) - or allow them unlimited access
* potentially registry and network access (binary sockets, etc) - or allow them unlimited access


==General pitfalls==
==General pitfalls==
Confirmed users
717

edits