On Thu, Aug 14, 2008 at 8:02 PM, Brian Cameron <Brian.Cameron at sun.com> wrote: > > Andras/Henry: > >> note: plugins can be installed in ~/.gkrellm2/plugins too > > I thought Henry said that only sysadmins could install plugins. > > If an end-user can install and run plugins, is it possible to exploit > the framework in any way? If someone tricks a user into installing a > malicious plugin, what bad things can happen, if any. > > Does the sysadmin have control over whether plugins in user $HOME > directories get recognized or not?
they are recognized and loaded automatically. check gkrellm.h #define GKRELLM_PLUGINS_DIR ".gkrellm2/plugins" and src/plugins.c i dont see any restriction I don't think that the admin can control it. > > Brian > -- Andy http://blog.sartek.net
