From mboxrd@z Thu Jan 1 00:00:00 1970 Path: news.gmane.org!not-for-mail From: Chad Brown Newsgroups: gmane.emacs.devel Subject: Re: user-controlled load-path extension: load-dir Date: Fri, 4 Mar 2011 12:25:22 -0800 Message-ID: References: <87sjv6r38q.fsf@lifelogs.com> <87fwr264r6.fsf@lifelogs.com> NNTP-Posting-Host: lo.gmane.org Mime-Version: 1.0 (Apple Message framework v1082) Content-Type: multipart/alternative; boundary=Apple-Mail-11-988058752 X-Trace: dough.gmane.org 1299270401 24012 80.91.229.12 (4 Mar 2011 20:26:41 GMT) X-Complaints-To: usenet@dough.gmane.org NNTP-Posting-Date: Fri, 4 Mar 2011 20:26:41 +0000 (UTC) Cc: emacs-devel@gnu.org To: Ted Zlatanov Original-X-From: emacs-devel-bounces+ged-emacs-devel=m.gmane.org@gnu.org Fri Mar 04 21:26:33 2011 Return-path: Envelope-to: ged-emacs-devel@m.gmane.org Original-Received: from lists.gnu.org ([199.232.76.165]) by lo.gmane.org with esmtp (Exim 4.69) (envelope-from ) id 1Pvba3-00078Q-68 for ged-emacs-devel@m.gmane.org; Fri, 04 Mar 2011 21:26:31 +0100 Original-Received: from localhost ([127.0.0.1]:42404 helo=lists.gnu.org) by lists.gnu.org with esmtp (Exim 4.43) id 1Pvba2-0000Ho-Hm for ged-emacs-devel@m.gmane.org; Fri, 04 Mar 2011 15:26:30 -0500 Original-Received: from [140.186.70.92] (port=47412 helo=eggs.gnu.org) by lists.gnu.org with esmtp (Exim 4.43) id 1PvbZu-0000Ga-De for emacs-devel@gnu.org; Fri, 04 Mar 2011 15:26:23 -0500 Original-Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1PvbZr-0004cD-FX for emacs-devel@gnu.org; Fri, 04 Mar 2011 15:26:22 -0500 Original-Received: from dmz-mailsec-scanner-6.mit.edu ([18.7.68.35]:42742) by eggs.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1PvbZr-0004bu-Cv for emacs-devel@gnu.org; Fri, 04 Mar 2011 15:26:19 -0500 X-AuditID: 12074423-b7bd0ae000000a00-c6-4d714aeade8e Original-Received: from mailhub-auth-3.mit.edu ( [18.9.21.43]) by dmz-mailsec-scanner-6.mit.edu (Symantec Brightmail Gateway) with SMTP id 33.08.02560.AEA417D4; Fri, 4 Mar 2011 15:26:18 -0500 (EST) Original-Received: from outgoing.mit.edu (OUTGOING-AUTH.MIT.EDU [18.7.22.103]) by mailhub-auth-3.mit.edu (8.13.8/8.9.2) with ESMTP id p24KQIus001324; Fri, 4 Mar 2011 15:26:18 -0500 Original-Received: from [10.0.1.3] (c-67-183-32-38.hsd1.wa.comcast.net [67.183.32.38]) (authenticated bits=0) (User authenticated as yandros@ATHENA.MIT.EDU) by outgoing.mit.edu (8.13.6/8.12.4) with ESMTP id p24KQFSh005383 (version=TLSv1/SSLv3 cipher=AES128-SHA bits=128 verify=NOT); Fri, 4 Mar 2011 15:26:17 -0500 (EST) In-Reply-To: <87fwr264r6.fsf@lifelogs.com> X-Mailer: Apple Mail (2.1082) X-Brightmail-Tracker: AAAAARePPVM= X-detected-operating-system: by eggs.gnu.org: GNU/Linux 2.6 (newer, 2) X-Received-From: 18.7.68.35 X-BeenThere: emacs-devel@gnu.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: "Emacs development discussions." List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Original-Sender: emacs-devel-bounces+ged-emacs-devel=m.gmane.org@gnu.org Errors-To: emacs-devel-bounces+ged-emacs-devel=m.gmane.org@gnu.org Xref: news.gmane.org gmane.emacs.devel:136775 Archived-At: --Apple-Mail-11-988058752 Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset=us-ascii On Mar 4, 2011, at 11:54 AM, Ted Zlatanov wrote: >=20 > The only reason I can think why this would not be acceptable is > security. Otherwise this makes a lot of sense. >=20 > For security I would propose checksumming any code in the load-dir and > when new files are added or existing files are changed, query the user > and store a file checksum in an alist. This would have to happen the first time the user loaded any package, or = you have no security. If you do this the first time the user has loaded = any package, you have removed the `automatically' part of your proposed = system, which is the only real advantage it has. The only way your proposal seems (to me) to be an improvement is if we = train users to ignore the security questions and just always click on `I = agree'. I hope you agree that that isn't a good idea. Modern users have been trained to expect `Extensions' and `Add-Ons', and = don't seem to mind picking from a list (for things like FireFox, a very = large list with many overlapping choices). I think that's a better user = model to follow. I hope that helps, *Chad --Apple-Mail-11-988058752 Content-Transfer-Encoding: quoted-printable Content-Type: text/html; charset=us-ascii

The only reason = I can think why this would not be acceptable is
security. =  Otherwise this makes a lot of sense.

For security I would = propose checksumming any code in the load-dir and
when new files are = added or existing files are changed, query the user
and store a file = checksum in an alist.

This = would have to happen the first time the user loaded any package, or you = have no security. If you do this the first time the user has loaded = any package, you have removed the `automatically' part of your proposed = system, which is the only real advantage it = has.

The only way your proposal seems (to me) = to be an improvement is if we train users to ignore the security = questions and just always click on `I agree'.  I hope you agree = that that isn't a good idea.

Modern users have = been trained to expect `Extensions' and `Add-Ons', and don't seem to = mind picking from a list (for things like FireFox, a very large list = with many overlapping choices). I think that's a better user model to = follow.

I hope that = helps,
*Chad

= --Apple-Mail-11-988058752--