2017-09-05, 00:23
Just another idea : an addon can only be updated from kodi.tv or an devrepo url in the addon.xml . Wouldnt it solve security and the problem of dev versions ?
2017-09-05, 08:32
Same thing suggested a while back: https://forum.kodi.tv/showthread.php?tid...pid2640018
And yes, that would solve the development version issues.
And yes, that would solve the development version issues.
2017-09-05, 14:21
If this is all about the user not knowing that an addon obtained from the official repo maybe update by another repo installed, then can't we have a pop up message when this happens, so something like:
Youtube update
Youtube was installed from repository.xbmc.org
There is a new update available from repository.xyz.org
Do you wish to update?
[Yes] [No]
Youtube update
Youtube was installed from repository.xbmc.org
There is a new update available from repository.xyz.org
Do you wish to update?
[Yes] [No]
2017-09-05, 17:36
(2017-09-05, 14:21)jjd-uk Wrote: If this is all about the user not knowing that an addon obtained from the official repo maybe update by another repo installed, then can't we have a pop up message when this happens, so something like:
Youtube update
Youtube was installed from repository.xbmc.org
There is a new update available from repository.xyz.org
Do you wish to update?
[Yes] [No]
Bingo... perfect solution in my mind so far, I'm always about giving the user the power/choice to choose
Default is always yes to update from xbmc.org (in case users are quick to click or even confused)
2017-09-05, 19:37
Since security concerns have also been mentioned then perhaps include some sort of warning message. for example:
Youtube update
Youtube was installed from repository.xbmc.org
There is a new update available from repository.xyz.org
Warning - check that you can trust the source of this update before proceeding.
Do you wish to update?
[Yes] [No]
Youtube update
Youtube was installed from repository.xbmc.org
There is a new update available from repository.xyz.org
Warning - check that you can trust the source of this update before proceeding.
Do you wish to update?
[Yes] [No]
2017-09-06, 08:42
@jjd-uk - to do this, we'd have to keep track on where the add-on is coming from - likely in the DB. Malicious add-ons already mess with the DB and thus could simply change the related DB value and override add-ons to their liking. This ofc requires that at least 1 malicious add-on has already been installed (some wizard f.e.).
2017-09-06, 09:53
(2017-09-05, 14:21)jjd-uk Wrote: If this is all about the user not knowing that an addon obtained from the official repo maybe update by another repo installed, then can't we have a pop up message when this happens, so something like:
Youtube update
Youtube was installed from repository.xbmc.org
There is a new update available from repository.xyz.org
Do you wish to update?
[Yes] [No]
Boy, that would mean you get like 15 popups when you install some repos? Perhaps 3-5 per day after that?
2017-09-06, 11:12
Personally don't see it as an issue as I'm used to getting similar from Android Play Store.
2017-09-06, 13:54
I might be wrong but this looks to me just like a shot aimed at third party addons, I dont see an issue so urgent or bad to justify this override measure.
I always read that Kodi doesn't care about what user do with their kodi installation, nor it tries to force people to use something, but using this feature is like feeding people with what you decide them to use or not.
If you use Kodi for just legit purposes, which the Kodi Team always suggests to do, you dont have the problem of installing un-trustworthy addons so you shouldn't have the need to worry about overriding ids, this problem only comes when you usually install sketchy repos, usually pirate ones, or wizard-builds, and even in the latter case you shouldn't be taking this in such a serious consideration to justify an action like this, after all you don't mind if users use Kodi for pirated content right? it's their fault if they have a sketchy repo so why bother?
I am missing the point here
I always read that Kodi doesn't care about what user do with their kodi installation, nor it tries to force people to use something, but using this feature is like feeding people with what you decide them to use or not.
If you use Kodi for just legit purposes, which the Kodi Team always suggests to do, you dont have the problem of installing un-trustworthy addons so you shouldn't have the need to worry about overriding ids, this problem only comes when you usually install sketchy repos, usually pirate ones, or wizard-builds, and even in the latter case you shouldn't be taking this in such a serious consideration to justify an action like this, after all you don't mind if users use Kodi for pirated content right? it's their fault if they have a sketchy repo so why bother?
I am missing the point here
2017-09-06, 14:46
(2017-09-06, 13:54)ohmykod Wrote: I might be wrong but this looks to me just like a shot aimed at third party addons, I dont see an issue so urgent or bad to justify this override measure.Yep, you are missing the "security" measure this override provides.
I always read that Kodi doesn't care about what user do with their kodi installation, nor it tries to force people to use something, but using this feature is like feeding people with what you decide them to use or not.
If you use Kodi for just legit purposes, which the Kodi Team always suggests to do, you dont have the problem of installing un-trustworthy addons so you shouldn't have the need to worry about overriding ids, this problem only comes when you usually install sketchy repos, usually pirate ones, or wizard-builds, and even in the latter case you shouldn't be taking this in such a serious consideration to justify an action like this, after all you don't mind if users use Kodi for pirated content right? it's their fault if they have a sketchy repo so why bother?
I am missing the point here
As it is now a user can download a plug-in that was vetted by team Kodi, then a third-party repository can update that plug-ins code. The end-user would be absent to the fact they are no longer running trusted code.
Some users might say "so what" ... Those users should be reminded that a popular third-party repository (TVA) was caught twice pushing malware code to their users.
Sent from my SM-G935T
2017-09-06, 15:21
(2017-09-06, 14:46)Lunatixz Wrote:When this tread started I thought that this is a great idea that should be added but the more I think about it the more I am convinced otherwise.(2017-09-06, 13:54)ohmykod Wrote: I might be wrong but this looks to me just like a shot aimed at third party addons, I dont see an issue so urgent or bad to justify this override measure.Yep, you are missing the "security" measure this override provides.
I always read that Kodi doesn't care about what user do with their kodi installation, nor it tries to force people to use something, but using this feature is like feeding people with what you decide them to use or not.
If you use Kodi for just legit purposes, which the Kodi Team always suggests to do, you dont have the problem of installing un-trustworthy addons so you shouldn't have the need to worry about overriding ids, this problem only comes when you usually install sketchy repos, usually pirate ones, or wizard-builds, and even in the latter case you shouldn't be taking this in such a serious consideration to justify an action like this, after all you don't mind if users use Kodi for pirated content right? it's their fault if they have a sketchy repo so why bother?
I am missing the point here
As it is now a user can download a plug-in that was vetted by team Kodi, then a third-party repository can update that plug-ins code. The end-user would be absent to the fact they are no longer running trusted code.
Some users might say "so what" ... Those users should be reminded that a popular third-party repository (TVA) was caught twice pushing malware code to their users.
Sent from my SM-G935T (typie typie)
Implementing the current suggestion would seem to inconvenience the beta testing community and any attempt to mitigate that inconvenience would be fruitless.
With that being said the best solution that I can currently see is to keep track of what repo the addon or skin came from and only accept automatic updates from there. Basically once a third party repo is installed there is not much that can be done to maintain security.
2017-09-06, 15:23
(2017-09-06, 14:46)Lunatixz Wrote: As it is now a user can download a plug-in that was vetted by team Kodi, then a third-party repository can update that plug-ins code. The end-user would be absent to the fact they are no longer running trusted code.I woke up one morning and found a bunch of sketchy repos had magically disabled the third-party repo warning and installed themselves on my machines without me doing anything.
Then I realised I was still dreaming.
2017-09-06, 15:28
(2017-09-06, 15:23)trogggy Wrote:LOL, if you can down play the senerio... It only reflects poorly on you and your knowledge of the situation. There are dozens of real world examples... and yes a user could wake up to repos installed without their knowledge. It only takes one unauthorized script.(2017-09-06, 14:46)Lunatixz Wrote: As it is now a user can download a plug-in that was vetted by team Kodi, then a third-party repository can update that plug-ins code. The end-user would be absent to the fact they are no longer running trusted code.I woke up one morning and found a bunch of sketchy repos had magically disabled the third-party repo warning and installed themselves on my machines without me doing anything.
Then I realised I was still dreaming.
Sent from my SM-G935T
2017-09-06, 15:41
(2017-09-06, 15:28)Lunatixz Wrote: There are dozens of real world examples... and yes a user could wake up to repos installed without their knowledge. It only takes one unauthorized script.It takes a conscious decision to install things from outside the official repo. And one unauthorised script.
Or an unauthorised script in the official repo.
No?
If third party repos are enabled then this doesn't secure against a malicious script. Does it?
