eph1v3t8 Posted June 30, 2010 Share Posted June 30, 2010 I've been wondering about how safe it is to download and install Paint.NET plugins created by people I don't know. Are there some security features in Paint.NET that restrict what a plugin can do and what it can access? Thanks, --Paul Quote Link to comment Share on other sites More sharing options...
csm725 Posted June 30, 2010 Share Posted June 30, 2010 Any 'pinned' plugin topic is guaranteed safe. Quote My deviantART | Sig Battles | My Tutorials | csm725.com Click to enter or vote in the official Paint.NET competitions! COMPETITIONS: LOGO OF THE WEEK Link to comment Share on other sites More sharing options...
Rick Brewster Posted June 30, 2010 Share Posted June 30, 2010 There are no security features. And no, there is no guarantee of safety with respect to pinned plugins. Just popularity, and a higher likelihood that since they are popular they will be safe. Quote The Paint.NET Blog: https://blog.getpaint.net/ Donations are always appreciated! https://www.getpaint.net/donate.html Link to comment Share on other sites More sharing options...
eph1v3t8 Posted June 30, 2010 Author Share Posted June 30, 2010 There are no security features. And no, there is no guarantee of safety with respect to pinned plugins. Just popularity, and a higher likelihood that since they are popular they will be safe. If there are no security features, then I would think that someone could write a plugin that waited a couple of months to infect your computer, and you would probably never know where the infection came from. Or, whenever Paint.NET was running, it could look for interesting files and send them off to Russia. I'm not sure how that would be detected, and if the plugin were good, it would get good reviews, become popular, and maybe even get pinned. So, the situation is a little worrisome. (It didn't stop me from installing two plugins, but it does make me nervous.) --Paul Quote Link to comment Share on other sites More sharing options...
PineappleQc Posted June 30, 2010 Share Posted June 30, 2010 (edited) It's simple to prevent any damage, simply sandbox your paintdotnet application to a specific folder, and block it from sending communication or altering files outside that folder. I believe a number of antivirus and firewalls offer that feature, I know the lastest version of Comodo Free Firewall does. Edited June 30, 2010 by PineappleQc Quote "Ah, i love it when huge pineapples try to take over the world, it makes me sentimental :')" -Stephan Link to comment Share on other sites More sharing options...
eph1v3t8 Posted June 30, 2010 Author Share Posted June 30, 2010 It's simple to prevent any damage, simply sandbox your paintdotnet application to a specific folder, and block it from sending communication or altering files outside that folder. I believe a number of antivirus and firewalls offer that feature, I know the lastest version of Comodo Free Firewall does. I'll look into that-- thanks for the tip. Quote Link to comment Share on other sites More sharing options...
PineappleQc Posted June 30, 2010 Share Posted June 30, 2010 No problem, but just for the record, I have a whole bunch of plugins and have never had any problems. I regularly check my outgoing / ingoing connections and absolutely nothing even remotely suspicious. And anyhow, I do believe any antivirus would detect such behaviour fairly quickly, as any unallowed access of memory can be detected easily. Quote "Ah, i love it when huge pineapples try to take over the world, it makes me sentimental :')" -Stephan Link to comment Share on other sites More sharing options...
Rick Brewster Posted June 30, 2010 Share Posted June 30, 2010 If a plugin was found to be malware, it'd be removed immediately and the author would be permanently banned from the forum. No questions, zero tolerance. Quote The Paint.NET Blog: https://blog.getpaint.net/ Donations are always appreciated! https://www.getpaint.net/donate.html Link to comment Share on other sites More sharing options...
pyrochild Posted June 30, 2010 Share Posted June 30, 2010 If you're on Windows 7 or Vista, there's not much harm a plugin could do anyway, unless you're running Paint.NET as an admin (which there is no reason at all to do). There's not much incentive to target Paint.NET either. Like Windows vs. Mac, a good deal of security just comes from being a smaller target than Photoshop or GIMP. Assuming there's some dude out there that, for some reason, wants to give viruses to image editors... Quote ambigram signature by Kemaru [i write plugins and stuff] If you like a post, upvote it! Link to comment Share on other sites More sharing options...
Ego Eram Reputo Posted June 30, 2010 Share Posted June 30, 2010 And we are a fairly tight-knit bunch. Not many plugin authors are strangers around here. As suggested above, stick with the pinned plugins and you can't go far wrong. Quote ebook: Mastering Paint.NET | resources: Plugin Index | Stereogram Tut | proud supporter of Codelab plugins: EER's Plugin Pack | Planetoid | StickMan | WhichSymbol+ | Dr Scott's Markup Renderer | CSV Filetype | dwarf horde plugins: Plugin Browser | ShapeMaker Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.