Well, imho there hasn't been a release of blender, where code execution from malicious blend files wouldn't be possible with some effort. By preventing script execution you may prevent some kiddies to do so, but I think we all have to be aware of, that blender will never be able to securely process content from untrusted sources. And to be honest, I can live with that.
There may be some potentials for attacks in distributed rendering projects, which use blender, since you mainly would take over boxes with high specs, which could be of use. Or someone specifly targets CGI companies and studios. I wouldn't worry too much tho. I guess a good way to handle embeded scripts is sufficient (without any sandboxing etc.). Features like baking py driven stuff, so that nodes, which won't execute python scripts, in distributed rendering projects can render blend files, could help for e.g. Aurel On 24 February 2010 15:42, Dalai Felinto <[email protected]> wrote: > +1 on an option at loading time to disable scripts. > > In Blender 2.4xx it was perfectly possible to have this (I wrote a patch > that was disabling all py - pynodes, pyconstraints, pynumbers, ... - at load > time). > However (big however here) I myself wouldn't try to write it again to > Blender 2.5 unless I have a clear go for that (nor advice someone to do it). > Also I forgot the arguments, but in bconf 2008 Ton convinced me that this > wasn't a good idea, so I dropped it. > > One option is to have it as an internal option and leave > developers/interested people to change their UI files to expose this. > > Dalai > (the old patch is here: > http://projects.blender.org/tracker/?func=detail&aid=17701&group_id=9&atid=127 > ) > > > 2010/2/24 Campbell Barton <[email protected]> > >> @Benjamin, I think you sum this up well in your last mail, Blender >> will continue to go with option #1, (allow security hole to exist), >> rather then switch language/language implementation. >> >> @Knapp, agree security at an OS level would help. >> >> Im not suggesting we ask the user before running scripts, only that >> there is an open on loading not to run scripts in the blendfile. >> >> This isnt exactly security but at least allows you to safely load a >> blend file from some unknown source. >> - Campbell >> >> On Wed, Feb 24, 2010 at 12:20 PM, Knapp <[email protected]> wrote: >> > It seems quite oviouse that we need a new layer of security in all >> > OSes. We have su and user now, we need to add program. Anything >> > launched by Blender should not be able to open files made by Firefox >> > etc. This is not a problem that Blender will be able to solve but I >> > don't see asking the user to be of much use anyway. The artist I know >> > just say, " what does that mean?" and then click what ever it takes to >> > get the silly program working again. Not ideal but real. Perhaps >> > Blender should have a repository or secure scripts that people can get >> > so that we are not out downloading scripts from random places? >> > -- >> > Douglas E Knapp >> > >> > Open Source Sci-Fi mmoRPG Game project. >> > http://sf-journey-creations.wikispot.org/Front_Page >> > http://code.google.com/p/perspectiveproject/ >> > _______________________________________________ >> > Bf-committers mailing list >> > [email protected] >> > http://lists.blender.org/mailman/listinfo/bf-committers >> > >> >> >> >> -- >> - Campbell >> _______________________________________________ >> Bf-committers mailing list >> [email protected] >> http://lists.blender.org/mailman/listinfo/bf-committers >> > _______________________________________________ > Bf-committers mailing list > [email protected] > http://lists.blender.org/mailman/listinfo/bf-committers > _______________________________________________ Bf-committers mailing list [email protected] http://lists.blender.org/mailman/listinfo/bf-committers
