Plugin management suggestion

[StephanP]

I'd like to make a case for an enhanced way of storing and managing plugins.

 

Currently paint.net plugins (v4.0.x) must be downloaded and unpacked in the subfolders Effects, FileTypes ans Shapes within the paint.net installation folder.

• The fact that this is a manual job is not convenient for those who are less computer savvy
• The fact that copying files into subfolders of the installation folder requires Administrative rights is a blockade for users living in a restricted computer environment, such as Education or larger companies

Of course it would be best if paint.net would have a Plugin manager where the user can select desired plugins and downloading, installing and updating would be taken care of automatically. I figure such will be quite a project to take up.

 

An intermediate solution could be that paint.net allows for alternative plugin locations, e.g. C:\Users\username\paint.net.ext\Effects\etc.

This ready accessible folder would allow restricted users to download and store plugins without the help of an Administrator. As a second alternative location I´d like to propose C:\Users\Public\paint.net.ext\Effects\etc.

With both alternative plugin locations in action, it is possible to have a basic set of plugins installed for all users plus additional ´personal´ plugins available per user.

 

Maybe such an enhancement would be possible within a less lengthy development scheme.

[Darty]

Of course it would be best if paint.net would have a Plugin manager where the user can select desired plugins and downloading, installing and updating would be taken care of automatically. I figure such will be quite a project to take up.

 

Plugin Manager / "Get Addins" -- Looking into this for a post-4.0 release. At the very least we should finally be able to end all the questions of "how do I install a plugin?"

^ This has already been mentioned in the Popular Feature Requests topic. So the idea isn't new.

What you mentioned after isn't discussed as far as I know. It could be a good option, so the downloaded plugins work for people in any situation.

[BoltBait]

Since this is already listed in the Popular Feature Requests, I'm closing this.

[Rick Brewster]

An intermediate solution could be that paint.net allows for alternative plugin locations, e.g. C:\Users\username\paint.net.ext\Effects\etc.

This ready accessible folder would allow restricted users to download and store plugins without the help of an Administrator. As a second alternative location I´d like to propose C:\Users\Public\paint.net.ext\Effects\etc.

With both alternative plugin locations in action, it is possible to have a basic set of plugins installed for all users plus additional ´personal´ plugins available per user.

 

This sounds like a good idea at first, but you have to remember that regular user folders do not have good security by definition*. Plugins are code. That means any random malicious script could drop a DLL into a user's plugin folder and get paint.net to do bad things. While it may not technically be a security vulnerability**, it's still preferable to have the requirement that all code within Paint.NET's process must have gone through an administrator privilege check. That is, it must have been installed by an "administrator." It is unwise to allow a non-administrator user to override the security decisions made by the administrator.

 

However ... if you want to have the ability to install plugins without the administrator check, then make a copy of the installation directory (e.g. C:\Program Files\paint.net) and toss it into the user's folder. Then you can create an Effects or FileTypes folder and put whatever you want in there without any admin check. This is a corollary of the ability to easily use Paint.NET as a portable app since version 4.0.7 (see also: http://forums.getpaint.net/index.php?/topic/106754-how-i-get-paintnet-portable/#entry510189). While this may sound like word smithing around the previous paragraph, the administrator should still have the ability to block the execution of binaries that they haven't specifically allowed. So the administrator still has the final say, which is what you want/need.

 

* They're the user's folders, and therefore the user can make changes to them. Applications that a user runs will "run as" the user, and therefore they can also make changes to them. You can't protect a user's folders from that user. And since applications run as the user, you can't protect user's folders from the applications that the user is running. This is the problem with the classic Windows (et. al.) application model. Newer application models, like with Windows Store apps, Android's Google Play Store, and iOS App Store, create a new "user account" for each application. This allows the configuration of per-application sandboxing and security, allowing them to be firewalled from each other and from unwanted access into the user's data.

 

** Raymond Chen's blog always has good examples of this: https://blogs.msdn.microsoft.com/oldnewthing/20060508-22/?p=31283