@Tyler, from conversations with python devs, the request of sandboxing gets the response "dont even think about it!", I'm not especially interested in security to the point where Id try motivate others, but am not against someone working on it either.
so now this seems to boil down to "who wants to write a patch" :), probably should be a command line argument like Dali wrote for 2.4x as well as an option on load. There are stull some issues still like, what happens when you double click on a file to open so maybe something like this. - user default for the startup auto-execution-script value. - global flag for auto script execution that is reset on loading blend files and can be set on file load. would look something like G.flag & G_PY_AUTO_EXEC, U.py_auto_exec which could be accessed anywhere. again, I think hashing scripts would be hard to manage well, not to mention hashing every pydriver (can be 100's) and having a place to store this, varify etc. On Thu, Feb 25, 2010 at 9:26 AM, Stefan Langer <[email protected]> wrote: > 2010/2/25 Tyler Tricker <[email protected]> > > >> [...] What about checking MD5 hashes on core scripts and having a command >> line >> option to shut down all other scripts? That way if there is a bad script, a >> user still has the ability to open a file to try and extract useful data. >> [...] >> > Use SHA cause MD5 is broken and can be easily faked now a days. > _______________________________________________ > Bf-committers mailing list > [email protected] > http://lists.blender.org/mailman/listinfo/bf-committers > -- - Campbell _______________________________________________ Bf-committers mailing list [email protected] http://lists.blender.org/mailman/listinfo/bf-committers
