Hi, Bill, Craig, Hong,Sahoo:
After the disscusstion recently, I pick up some of the disscussion
above and list as follows to see whether there still exist any other
suggestion:
A) An option to disable the deployuri command completely should the
administrator be concerned
B) An option to limit the URI types that would be allowed
C) Allow for specification of a "sandbox" area use as the download location
to better control permissions, ownership, quotas, disk space, etc.
D) Allow for the possibility to include hooks for virus scanners or other
intrusion detection software.
As to A) and B):
Just regard the tips as Bill had mentioned that we should create an
attribute or property set with "asadmin set", If different administrators
had different privileges in the future, we could restrict the use of the
"asadmin set" command. I think the most important question here is to how
to use a local-only command to control this option("asadmin set")?
As to C):
Regard to the tips as Hong, How about regarding the directory of
domains/<domain_dir>/applications/__internal/<app_name>/ as a directory to
store the application download remotely. Of course, the operation to
execute the download will be executed during the server side.
As to D):
Regard the tips as Sahoo suggest, we can try to enforce use of vc like
protocol or automatically decorate the url with vc protocol
Thanks
-Jeremy