Implement differentiation between "trusted" and "untrusted" filters
Closed this issue · 1 comments
anfragment commented
Description
Some scriptlet rules (prefixed by trusted-) should only work in "trusted" filters, as they have a potential to disrupt user privacy and security. Thus, we need:
- A documented and well thought-through algorithm for deciding which lists should get a "trusted" status.
- A code implementation of the concept.
anfragment commented
Which lists get a "trusted" status
- This problem should be approached in a manner similar to the principle of least privilege. This means that only lists that use trusted scriptlets (and use scriptlets at all) should be granted a trusted status.
- We should keep the number of trusted filter lists to a minimum. I suggest setting a limit of 5 for now.
- Trusted filter lists should either be open-source and distributed via a repo-linked CDN (such as GitHub), or maintained by a trusted, community driven organization.
Considering the lists currently included in our default configuration, I propose granting trusted status to the following two lists:
- AdGuard Base filter
- AdGuard Spyware filter