Jump to content
How to Install Plugins ×

HOW TO INSTALL PLUGINS/General Plugin Troubleshooting Thread


RaveN

Recommended Posts

5 minutes ago, AndrewDavid said:

Paint.Net is now running with better and faster performance

 

GPU effects can also produce much higher quality results, it's not just faster

The Paint.NET Blog: https://blog.getpaint.net/

Donations are always appreciated! https://www.getpaint.net/donate.html

forumSig_bmwE60.jpg

Link to comment
Share on other sites

  • 1 month later...

It's mentioned that setting up a custom plugin folder (I have the Windows Store version) is discouraged for safety reasons, should I be worried? Is it THAT dangerous? It's unclear whether the security risk is for choosing a OneDrive path or ANY path, the documentation page should be clear as water with these kind of warnings ⚠.

 

I honestly can't stand to see the "paint.NET App Files" in my documents folders anymore... they're not actual documents. This is breaking the logical sort of my files so I really want to change the path. I want an honest answer, should I proceed?

Edited by spooky
Link to comment
Share on other sites

You can certainly proceed. The warning is there to make you think through the potential consequences.

 

The main one I can think of is if a malicious person were to get access to your OneDrive account (or just physical access to your PC -- although in that case why go to all this trouble?). If they understood Paint.NET plugin stuff, they could create a plugin with bad code and place it in there. The next time you launch Paint.NET, it will execute the code in that plugin.

 

I don't know how likely this is. I feel like it's something I might've done in high school to play a trick on a friend, or someone I didn't like.

  • Haha 1

The Paint.NET Blog: https://blog.getpaint.net/

Donations are always appreciated! https://www.getpaint.net/donate.html

forumSig_bmwE60.jpg

Link to comment
Share on other sites

From what you say it has more to do with the reliability of the plugin than the place where it is located. That makes the warning when changing the path a bit misleading. Regardless of whether it is located in the default documents folder or wherever, if the plugin author is malicious you are equally screwed.

 

Leaving OneDrive aside, which is potentially more dangerous (I suppose) because it is linked to a services account, can you confirm that changing the path to another non-cloud path does not put me in more danger than in its default location (C:/Documents)? And would you consider reviewing the documentation to make it clearer?

Link to comment
Share on other sites

17 hours ago, spooky said:

From what you say it has more to do with the reliability of the plugin than the place where it is located

I did not say that.

 

17 hours ago, spooky said:

can you confirm that changing the path to another non-cloud path does not put me in more danger than in its default location (C:/Documents)?

That's correct. If it's a non-cloud path then the attack vectors are strictly local. Anything malicious has to first find its way onto/into your computer, and if they manage that then why bother with the Paint.NET plugins folder and waiting for you to launch the app?

 

For a cloud folder, someone could be halfway across the world, and it could be used as a way to open up even more (remote) access to your PC.

The Paint.NET Blog: https://blog.getpaint.net/

Donations are always appreciated! https://www.getpaint.net/donate.html

forumSig_bmwE60.jpg

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
×
  • Create New...