In this current version the location of the plugins is fairly complicated. Assuming we're looking for the plugin 'foo' we look, in order, in:
1. The user's current directory (./). First for a directory 'foo' and then for 'plugins/foo',
2. Next in the directory of the file being processed (assume we're processing a lib file ...),
3. In the MMA directory (where the libs live) in a directory called 'plugins'.
Honestly, it's a mess. But, there is a reason! As it is now the user can disable searches in any of 1, 2 or 3 but setting a flag in their .mmarc file. The idea is to make it hard to load "bad" plugins. But, as others have pointed out ... if someone is really bad they are going to bypass this "security" pretty easily.
So, here's my off-the-top idea:
--> Have only one path or paths to search for a plugin via a new system variable PlugPath (similar to LibPath) and check that. So, Plugpath will initially be set to (probably):
./, ./plugins, MMAlib/plugins
and do away with the various (silly?) tests and restraints. Of course, users would be able to expand/modify this list in there .rc file.
I would like to maintain warning the first time a plugin is called. Probably not 100% secure ... but
Comments please!