[Typo3-dev] New Extension: to be released or not

Michael Stucki mundaun at gmx.ch
Fri Sep 5 01:13:25 CEST 2003


Dennis Petersen wrote:

> I agree.. it would be lovely to use, however I agree with Andreas that as
> a public domain easily accessible extension it will in the media pose as a
> potential security risk... not a good reputation...

ACK! They don't care that I could also install such a tool manually.
I think they would just say: "It's a feature of TYPO3, so TYPO3 is evil!"

> But then again.. dan has a good side note.. (p.s. perhaps having a special
> user/user-group in *nix - e.g. T3Users, who can only do certain things..?)
> and this would mean that the sysadmin actively would have to configure the
> *nix box in order to make the extension work on an installation...

I think this is a bad idea. How do you want Apache (=www-data) to run a
shell as a different user? You would need to setup something like a
chrooted environment, which makes things more and more complicated.
If you ask me - Just keep it simple and easy!

In my opinion, you should keep this extension hidden or separate it very
clear from the official extension repository. Another idea would be to
simply provide a t3x file on your website.

Cheers - michael
-- 
Want support? Please read the list rules first: http://typo3.org/1438.0.html




More information about the TYPO3-dev mailing list