New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
[Feature] Add plugin permissions #1388
Comments
All addons listed at https://betterdiscord.app are vetted and also the only ones we encourage you to use. If you install plugins from elsewhere you are Here are the new (currently going into effect) requirements for official plugins. That said, after discord completes their upgrade to electron 17, BD may have the chance to implement something like this for node-provided features (file system access, running http servers, ...) without breaking virtually all existing plugins using these. There's no concrete plans yet however. Other than that, BD has no way of enforcing declared "intents". Just not how it works. |
A permission system (not intents) is something we are considering anyways, I will leave this open to help track. |
Also your example
Will never be an official permission, there is no reason for plugins to use this. And malicious plugins will just not use the permissions-based API anyways so the help there is minimal. The bigger help as Inve1951 said is the electron 17 upgrade. |
But it's sitting there, exposed by BetterDiscord. So either this exposure would need to be removed or hidden behind a permission.
That's where the permission system would come in. |
That's quite literally how it works as per the docs.
It is... Also gonna go ahead and delete that snippet now. |
This shows a fundamental misunderstanding of how this all works. |
At the end of the day, installing a malicious plugin will always be dangerous. BD can try and put certain security aspects in place (discord does too), but you should never think it's ok to install a malicious plugin because you're so securely protected anyway. It's way more important to inform and educate users that malicious plugins can inflict serious damage and that's the reason why they should only use official plugins from the BD website. |
Indeed. Sandboxing JavaScript once it's already run in global context is a lost cause. Preventing access to the token is just a pointless game of cat and mouse (you can hide it from a plugin, but it's almost always going to be available somewhere else because of the fact discord iself uses it), and that's what the review process on the site aims to stop. |
Is your feature request related to a problem? Please describe.
This feature is related not to a bug but a wider problem in where installing a malicious plugin may cause all kinds of effects (like your account being stolen).
Describe the feature you'd like
This feature would implement a system where plugins are required to declare intents for permissions regarding the BD API (eg. access to a user's auth token) and the user must grant them before the plugin can use them.
This way, a user will get a bigger heads-up about what the plugin is requesting access to, limiting the effects a malicious plugin may have (assuming the end-user won't just click "grant" blindly).
The text was updated successfully, but these errors were encountered: