[haiku-bugs] Re: [Haiku] #16219: Move headers needed for decorator add-on to headers/private
- From: "Haiku" <trac@xxxxxxxxxxxx>
- To: undisclosed-recipients: ;
- Date: Tue, 09 Jun 2020 15:56:12 -0000
#16219: Move headers needed for decorator add-on to headers/private
---------------------------------+----------------------------
Reporter: X512 | Owner: stippi
Type: enhancement | Status: new
Priority: normal | Milestone: Unscheduled
Component: Add-Ons/Decorators | Version: R1/Development
Resolution: | Keywords:
Blocked By: | Blocking:
Platform: All |
---------------------------------+----------------------------
Comment (by pulkomandy):
In addition, I’d once again like to argue that I don’t feel that out-of-
tree source code should be using headers from headers/private, as once
again, those apis are “volatile”.
As waddlesplash mentionned, there is a precise rule as to what gets into
private/ and published to the image precisely to avoid problems.
The idea is that we have a libshared.a which is statically linked, and
everything that goes in there is also in the BPrivate namespace. As a
result, compiled apps embed this code and will continue to run fine in
future Haiku versions. We use this as a kind of staging area for work in
progress APIs in a safe way, and when we think the API design is done we
can move these things out of libshared to the appropriate kits.
This of course doesn't work for the decorators.
As for moving the add-ons to a separate server, would that work? You'd
have to set up an IPC to call everytime you want to draw something, right?
What is the performance and complexity cost of this? What happens if the
app_addon_server crashes? What if a malicious add-on messes up with the
IPC in some way? What if it draws a fake password prompt and manages to
intercept keystrokes in some way?
I'm not sure we can easily solve this, except by not allowing decorator
and control look add-ons at all. In any case it needs more thinking and
careful design, and certainly a lot more major changes if we want to have
some kind of security here.
--
Ticket URL: <
https://dev.haiku-os.org/ticket/16219#comment:8>
Haiku <
https://dev.haiku-os.org>
The Haiku operating system.
Other related posts: