Comment by TeMPOraL
8 years ago
This is why we can't have nice things. As you say, such limits weren't necessary - because people in the community weren't assholes. Now, thanks to Kite's abuse, somebody will have to implement a permission system to editor plugins...
That is probably a long time overdue though in the case of editors like Atom.
Simply put; if some unethical corporation can hijack projects like this, then a much more malicious actor can as well. One that isn't as easy to detect, and does much more harm (like harvesting any code or input that looks like it could be private data such as credit cards numbers, SSNs, email and passwordish strings found near each other, etc.).
Extensions, plugins, and what have you are cool, but straying outside of the fairly monitored confines of you OS's controlled packages carries a risk.
Man, where does this crap end? A permission system to click on a menu or type a character? A permission system to draw windows...?
I think there has to be some responsibility from projects that pack such plugins, to police their ecosystem. I can understand browsers having security layers, because they work exclusively with the biggest cesspool of them all (the internet), but stuff as basic as a text editor should not need something like that - if it does, something else has gone deeply wrong with the project.
Interesting that you use browsers as the example of the other end of the spectrum. This particular text editor is built on a browser.
That's very true - it's also the reason I stay the hell away from it :)