Hello, One of the reasons I install only the essential plugins is the fact we have no sandboxing.
No IDE has plugins sandboxing, but we can do better. There is a wide array of plugins that need very little permissions (eg. the highly rated "Toggle line wrap") and users would install them without worries. Having a sandbox would also make a plugin review simpler. The less and lower impact permissions a plugin needs, the easier to review. On most machines whatever overhead a security manager would have is tolerable. Module creators would have to add the global tag OpenIDE-Policy and define a standard privacy policy file (which we could enhance with IDE-specific permissions). Of course, we would need to display some nicer UI when installing in order to explain the user what kind of permissions the plugin needs. Since the permissions are checked at runtime we could also have (another) user dialog then. I will start looking at the existing code and see about a proof of concept. Let me know your opinion. --emi
