[TYPO3-dev] [TYPO3-v4] Removing the feature "Enable extensions without review (basic security check)" from EM
Lars Houmark
lars at houmark.com
Thu May 13 18:27:59 CEST 2010
Hi Ernesto,
Ernesto Baschny [cron IT] wrote:
> 1) extension is not reviewed = like you suggested warning (red): "this
> extension comes from a third party and was not reviewed by security
> blalba, do you really want to install it?"
>
> 2) extension was reviewed = let the user install it with the notice
> (green): "this extension was reviewed by our team at xx.yy.2008. It was
> considered secure at that time, so you are probably on the safe side".
In general, I like the ideas, but I think this should be done in a
separate RFC and considered well and with feedback by as many as possible.
> This way we can continue to have the idea of reviews in the backend and
> use it also for future "class-A" extensions.
Yes, I also had the idea of listing a special icon (maybe with some
context menu) in the list of extensions that is reviewed. This way they
will still get some extra attention, by being reviewed.
--
Lars Houmark
More information about the TYPO3-dev
mailing list