[Typo3-dev] Security: limit extension available to install
Sven Wilhelm
wilhelm at icecrash.com
Thu Jan 13 17:24:25 CET 2005
Hi Peter,
> Signed or not signed, viewed or CENSORED that's not the point. I would
> highly appreciate if an admin - I mean a person who knows what (s)he
> does - would be able to set up or define what's on the whilelist and
> what's not and which extension will be available on a server to be
> included.
agree with that.
Then the simplest solution could be to define a new file possible
xml-based and with a DTD that defines that list.
One security MUST then is that an EM that has such a feature cannot be
exchanged by another one. But I see now big problems with that.
The reason why I'm so hardly refer to an xml-based format is that the
new TER will provide the extension list in that format as I know from
Robert and that you can easy develop a tool for building this list then.
Greets Sven
More information about the TYPO3-dev
mailing list