Ideas on Plugins and Security
We should probably have a
ION_PLUGINS_ENABLED variable that is set to 1 by default, but can be set to 0 to disable support for plugins. In addition, maybe we could also implement an optional
ION_PLUGINS_NAMESPACE_WHITELIST array which can be used to designate plugins that are explicitly allowed to execute. Then maybe we could have a means of protecting certain variables from being set within scripts, or even only allowing certain variables to be set from an environment file. Suggestions welcome for ways to make Ion more secure.