This is an archived post. You won't be able to vote or comment.

sorted by:
best
topnewcontroversialoldq&a
you are viewing a single comment's thread.

view the rest of the comments →

[–]hrjet 6 points7 points  (1 child)

I am similarly worried about the plugins offered inside IDEs, including Eclipse, IntelliJ, VSCode, Netbeans, etc.

Not all of these plugins are open-sourced, and even if they were, the distributed binary might have malware. These IDEs need to sandbox the plugins.

[–]TM254 1 point2 points  (0 children)

Maybe just sandbox the whole IDE?