Posts: 6,252
Joined: Jun 2009
Reputation:
115
da-anda
Team-Kodi Member
Posts: 6,252
I doubt a PR implementing a sandbox for add-ons would be denied, but who is willing to do it? That's the question since years, as this topic came up over and over again.
Posts: 758
Joined: Jun 2014
Reputation:
31
MrMC
Posting Freak
Posts: 758
I already suggested what to do, it was rejected as too restrictive.
Side note, webserver also needs sandboxing and sanitization of what can be fetched. I'm sure a lot of people would be dismayed to realize that sources.xml and passwords.xml can be snatched out will little regard to the fact that both of these files contain username/passwords (in clear text). There is no reason I can think up to access these files from the webserver.
MrMC fork plugged that hole and access outside the webserver location for iOS/tvOS and is about to plug it for FireTV.
Posts: 7,133
Joined: May 2011
Reputation:
381
I brought up the same concept concerning plugin authentication, idea was rejected in flames...
Posts: 37
Joined: Jan 2012
Reputation:
1
2016-05-03, 00:59
(This post was last modified: 2016-05-03, 01:01 by metalkettle.)
I agree that certain actions of SOME 3rd party developers can be seen to be wrong, and messing with people's systems outside and inside of kodi is wrong if done with malice. But this then begs the question, how does anyone know? I agree.
As an example. I have written an addon specifically for openelec. It writes executables to the openelec install and runs them. This then alters the way openelec works.
The addon in question is an one which sets up and runs a vpn on an openelec system. This to most will be a benefit. There is no malice or danger intended. Just a solution to a problem which involves running applications outside kodi and altering the way kodi works at an os level. Is this wrong?
Posts: 31,445
Joined: Jan 2011
(2016-05-03, 00:59)metalkettle Wrote: I agree that certain actions of SOME 3rd party developers can be seen to be wrong, and messing with people's systems outside and inside of kodi is wrong if done with malice. But this then begs the question, how does anyone know? I agree.
As an example. I have written an addon specifically for openelec. It writes executables to the openelec install and runs them. This then alters the way openelec works.
The addon in question is an one which sets up and runs a vpn on an openelec system. This to most will be a benefit. There is no malice or danger intended. Just a solution to a problem which involves running applications outside kodi and altering the way kodi works at an os level. Is this wrong?
OpenELEC is a bit different, because "add-ons" are both real Kodi add-ons as well as a way to install outside packages/programs/etc.
In a perfect world this "other" type of add-on would either be replaced by another method, or require the user to approve some warning message. Same idea as what you see on Windows or Mac OS X, where some application installs try to write to an area normally reserved for the OS. It would likely be an option specific for things like OpenELEC, LibreELEC OSMC, Kodibuntu, etc.
Posts: 16,946
Joined: Feb 2011
Reputation:
256
How come that you think anyone of us has a concept for sandboxing addons? We use libpython which can access everything that the python runtime offers - we don't really have control over it. The only thing i can think of is wrapping calls from libpython that might be used in a dangerous way - but that could be the whole c api... - so whoever thinks this is easy - come forward with an idea please.
AppleTV4/iPhone/iPod/iPad: HowTo find debug logs and everything else which the devs like so much:
click here
HowTo setup NFS for Kodi:
NFS (wiki)
HowTo configure avahi (zeroconf):
Avahi_Zeroconf (wiki)
READ THE IOS FAQ!:
iOS FAQ (wiki)