Kirby
Guest
offline
Most likely ending up Lack of interest, but anyway:
Currently an admin with permission to manage Add-ons could install just about anything.
To improve security when managing Add-ons it would be nice if XenForo had support for digitally signed Add-ons.
This would allow to configure (by a super admin or via config.php) trusted public developer keys / certificates so only Add-ons signed by those keys / certificates could be installed.
Continue reading...
Currently an admin with permission to manage Add-ons could install just about anything.
To improve security when managing Add-ons it would be nice if XenForo had support for digitally signed Add-ons.
This would allow to configure (by a super admin or via config.php) trusted public developer keys / certificates so only Add-ons signed by those keys / certificates could be installed.
Continue reading...