|
|
|
|
|
|
by habitue
812 days ago
|
|
|
Right, but it can control the editor indirectly through that API surface, and the editor can write to the filesystem. It's definitely more secure than running a non-sandboxed executable, but the entire point of a plugin is to have an effect on the editing process, and the entire point of the editor is to modify files on the filesystem. As long as that's true there's a casual mechanism for an untrusted plugin to do damage. |
|
|