Implement permissions/capabilities for plugins #19
Description
Plugins should only be allowed to perform certain actions when the user gives explicit permission.
The permissions should be very fine grained.
- Running external processes
- Language servers are a special case probably
- Allow giving access to specific executables/everything
- Making network connections
- Specifiy individual hosts/ports
- Accessing the file system
- Specify read/write access for individual folders/everything
- Reading buffer content
- Specify permissions per file/folder
- Permissions:
- Full content
- Full content but with secrets replaced by
*(depends on Implement secret detection and hiding #18) - No access
- Anything else?
Open questions:
- Pass permissions around through functions?
- (+) Permissions can be handled more fine grained inside plugin (useful if plugin uses libraries)
- (-) Lots of extra argument
- Or: Specify permissions for entire wasm module
- (+) Simpler
- Allow passing of permissions between plugins?
- E.g. Plugin A with permission to read specific folder calls function from plugin B without any permissions but utility functions for reading files and passes it the permission for specific folder