Support » Plugin: Dropbox Photo Sideloader » Immature plugin

  • This plugin is immature

    You can’t reset your Dropbox API keys once loaded.
    The plugin doesn’t work with partial access to Dropbox. This is the recommended setting by Dropbox.

    Having this plugin access your whole dropbox is a real security risk, which I am not willing to take.

    It’s a good idea, but really, why not make use of the shared read-only link, so you can take any folder from Dropbox, even folders that you share for a project? That would be hassle free and quite secure.

    Note: Apps that have partial access to Dropbox have a subfolder in the Dropbox “Apps” folder. You can’t make these folders shared read-write folders so other DB users can drop photos in them, which limits the use.

Viewing 7 replies - 1 through 7 (of 7 total)
  • Plugin Author Samuel Wood (Otto)

    (@otto42) Admin

    You have to make your own app to use this plugin at all, so I’m not sure how it can be a “security risk”. You own the app. Only you are using it. You’re not giving access to me, or anybody else’s app.

    The plugin’s code is open and available for anybody to see. You can see exactly what it does and how it works. It talks to nowhere else except for your blog and Dropbox, and it does exactly what it says in the description, and nothing more.

    Hi Samuel,

    Thanks for replying. Your plugin needs access to my whole Dropbox account. It does not function with the partial access Dropbox provides. The app and plugin access then is sandboxed to a specified folder in the “Apps” Dropbox folder.

    Sandboxing is a very good security measure. When e.g. the WordPress installation is compromised one way or the other, it does not escalate to compromising the whole Dropbox account. This is a very important concept.

    Not honoring this concept is forcing users to give the plugin access to the whole Dropbox account. This is a risk I am not willing to take.

    So the security risk I talk about is a conceptual risk, not an operational risk.
    If your plugin is more than a hobby project, it is worth considering adding the sandboxed Dropbox access.

    Also, not being able to reset the Dropbox credentials is IMHO a shortcoming.

    To conclude, giving a WordPress plugin potential access to my whole Dropbox content is not a risk I am willing to take. This is in the scope that I trust Dropbox and their security monitoring system, trust your code, but always have the risk that my WordPress installation can be compromised, e.g. by another plugin, hack of the shared hosting server, hack of the hosting control panel, you name it. Sandboxing access is really a very good idea, to exclude these implied risks of compromising my whole Dropbox account. I can live with just the one folder running this risk.

    This is why I label using your plugin as a security risk. It lacks a very important security feature: partial access to Dropbox. This is the recommended setting by Dropbox.

    Hope this helps you with your code development.

    Plugin Author Samuel Wood (Otto)

    (@otto42) Admin

    Your plugin needs access to my whole Dropbox account. It does not function with the partial access Dropbox provides.

    Yes, I know. However, that is in fact the whole point of the plugin.

    See, the plugin is designed to allow you to copy images from your Dropbox into WordPress. In order to do that, it needs access to those images. It’s just not very useful if the images have to be in a special folder for it to be able to access them.

    I could make it only use a special folder, but it’s much less useful that way. As far as access goes, you’re creating your application yourself, and you can leave the application in developer mode so that nobody but your account can even use it. And again, the plugin code is open and you can read it and even modify it yourself, if you don’t believe me about what it’s doing.

    There is no security risk to this plugin, and Dropbox’s single-folder-level access would make the plugin less useful. That sort of access is for people making code to store things in your Dropbox, which this plugin does not do at all. Quite the opposite, in fact.

    I disagree with you on many points.

    As the plugin itself is not a security risk, using this plugin can pose a security risk to a Dropbox account as I described above. This is actually true for any plugin granted full access to Dropbox and which information you store in your Dropbox.

    Partial access is still a very useful mechanism, as I can just drag and drop images to that particular folder. Dropbox understands that very well, no additional uploading needed, files are moved on the Dropbox server.

    Partial access is much more safe as the access mechanism operates in a sandbox. It’s a widely spread coding practice to keep things secure if one piece in a chain escalates.

    This is done in many fields of engineering including software design. In this particular example a user option between partial and full access is recommended by Dropbox itself and big companies like Vimeo.

    So I am of the very strong opinion that giving a piece of software like a plugin full or partial access to Dropbox should be a user’s choice, not a designer’s choice.

    Deciding that as a coder, as you oppose is in fact against safe design practice and encouraging users taking unnecessary security risks.

    So I disagree with you on many points

    Security is half about secure coding and half about secure design strategies

    Plugin Author Samuel Wood (Otto)

    (@otto42) Admin

    Partial access doesn’t allow the plugin to access files in other folders. That is the whole point of “partial access”. It would reduce the usefulness of the plugin if you couldn’t actually get images from anywhere in the Dropbox.

    As for drag and drop, that makes no sense. The plugin doesn’t have any form of drag and drop and it doesn’t put images in Dropbox at all. It only reads from Dropbox, it doesn’t write anything.

    If you don’t want to use the plugin, then don’t use it. But giving it a negative review because you don’t understand what it does and don’t understand “security” is unjustified.

    The choice between partial and full access would increase the value of your plugin, as people can have other workflows than you have, or have perceived.

    The plugin also lacks a decent way to reset the Dropbox credentials.

    But you don’t seem to get that. That confirms my initial conclusion: “This plugin is immature”.

    Plugin Author Samuel Wood (Otto)

    (@otto42) Admin

    I do get that entirely. However, I disagree with your assessment and I disagree with your conclusions.

    If you want to modify the plugin to be less useful and not any more secure, then feel free to do so yourself.

  • The topic ‘Immature plugin’ is closed to new replies.