[TxMt] GitHub bundles and security?

Geoffrey Hutchison geoff at geoffhutchison.net
Tue Dec 23 12:53:25 UTC 2008


Maybe I'm a bit paranoid, but I just tried out the new GetBundles and  
GitHub integration. I like the idea (that it dynamically finds GitHub  

I'm just worried about the security implications. Does TextMate  
sandbox bundles? I mean, technically speaking, GetBundles lets you  
download unknown bundles which can execute arbitrary code on my machine.

I'm also inspired by the GitHub/TextMate solution and would like to  
use a similar interface for downloading script modules in my app. I'm  
just hoping there's a good way to secure them.

Thanks so much!

More information about the textmate mailing list