Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Custom Addons upload over Webinterface. #1

Open
DxsSucuk opened this issue Jun 21, 2022 · 1 comment
Open

Custom Addons upload over Webinterface. #1

DxsSucuk opened this issue Jun 21, 2022 · 1 comment
Labels
enhancement New feature or request help wanted Extra attention is needed p3 Low priority.

Comments

@DxsSucuk
Copy link
Member

Allow Users to add custom Addons over the Webinterface.
@DxsSucuk DxsSucuk added the enhancement New feature or request label Jun 21, 2022
@DxsSucuk DxsSucuk moved this to To do in Roadmap/TODO List Jul 12, 2022
@DxsSucuk DxsSucuk moved this from To do to Ideas/Concepts in Roadmap/TODO List Jul 12, 2022
@DxsSucuk DxsSucuk moved this from Ideas/Concepts to Roadmap V2 in Roadmap/TODO List Oct 5, 2022
@DxsSucuk
Copy link
Member Author

DxsSucuk commented Jan 21, 2023
edited
Loading

Current Idea would be to allow them to upload a Addon over the Webinterface which will be scanned by a various amount of tools, and then will go to manual checking where the provider of the bot will check the addon themself and check if its okay.
Afterwards it will simply be approved or denied based on the providers decision.

Major Issue about this is, that the provider might not see specific parts on just doesn't know better, so instead of doing that in the first place OR instead of only doing that. There should be a sandbox system integrated into the bot itself, to keep the addons in their own little devil box, to keep them from accessing any other important stuff.

Why? Without a proper sandbox the addon code which might be malicious could easly access the bot token, the SQL Worker and more!

We would need ALOT more checks and prevention lines to keep malicous actors from doing anything. Otherwise we could just remove the whole addon system. Which I dont want to, since its there to allow developers to make additions even quicker without making their complete own version of ree6 and needing to activily update and modify it.

@DxsSucuk DxsSucuk added this to the 2.x.x milestone Jan 28, 2023
@DxsSucuk DxsSucuk removed this from the 2.x.x milestone May 16, 2023
@DxsSucuk DxsSucuk added p3 Low priority. and removed p2 Medium priority. labels Nov 19, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
enhancement New feature or request help wanted Extra attention is needed p3 Low priority.
Projects
Roadmap/TODO List
Status: Roadmap
Milestone
No milestone
Development

No branches or pull requests
1 participant
@DxsSucuk