[QGIS-Developer] Enhancing QGIS Development and Security Features Proposition
B. De Mezzo
benoit.de.mezzo at oslandia.com
Fri Nov 3 02:11:24 PDT 2023
Hi Rhea,
same as Johannes "I am in no way able to officially answer but maybe I
can give some thoughts and rhetoric questions":
* QGIS is not designed to handle such security restrictions, it is not
its purpose
* the best way, IMHO, is to limit its network accesses by using
dedicated security software as selinux for linux or advanced firewall
configuration for windows
* the best to discuss these features is "to create QGIS Enhancement
Proposals at https://github.com/qgis/QGIS-Enhancement-Proposals/issues."
Regards.
Le 03/11/2023 à 09:35, Johannes Kröger (WhereGroup) via QGIS-Developer a
écrit :
> Hi Rhea,
>
> I am in no way able to officially answer but maybe I can give some
> thoughts and rhetoric questions:
>
> To me those improvements sound like good ideas. I am not sure how far
> you could lock down Python extensibility considering the existing API.
> And I am not sure if you are aware of the many ways that a QGIS
> environment might use network calls, e.g. a tool like Proj might
> download grids from the internet in some cases, GDAL might try to
> fetch schemas specified in local files, etc. Sandboxing the system
> from the outside is probably much easier and secure.
>
> Are those 40 extensions existing extensions? Are you aware that you
> can strip out the official repository and use your own instead?
>
> It would probably be best to create QGIS Enhancement Proposals at
> https://github.com/qgis/QGIS-Enhancement-Proposals/issues.
>
> And it would be good to proof commitment to maintaining the new
> features in some way or enter the sustaining membership program with
> significant, recurring contributions so that other developers paid by
> the QGIS project can maintain them.
>
> Cheers, Hannes
> _______________________________________________
> QGIS-Developer mailing list
> QGIS-Developer at lists.osgeo.org
> List info: https://lists.osgeo.org/mailman/listinfo/qgis-developer
> Unsubscribe: https://lists.osgeo.org/mailman/listinfo/qgis-developer
-------------- next part --------------
A non-text attachment was scrubbed...
Name: OpenPGP_signature.asc
Type: application/pgp-signature
Size: 236 bytes
Desc: OpenPGP digital signature
URL: <http://lists.osgeo.org/pipermail/qgis-developer/attachments/20231103/b55f49ce/attachment.sig>
More information about the QGIS-Developer
mailing list