joe, I believe, it's possible write a blender python script that will read your private data and send it to author's email and do all sorts of other evil stuff. And if you have "Auto-run scripts" turned, all it takes is a download a blend file, run it and that's it.
On Thu, Apr 29, 2010 at 4:21 AM, joe <[email protected]> wrote: > Why do we need these "security" features anyway? It's not like there > aren't tons of exploits that could be taken advantage off anyway. > Blender is a producton 3d app, not a web browser. > > Joe > > On Thu, Apr 29, 2010 at 2:09 AM, Charles Wardlaw > <[email protected]> wrote: >>> Blender isn't the only 3d app to use python as embedded language. I >>> wonder how Maya and Houdini deal with these kinds of problems? And not >>> only 3d packages encounter such issues - Google App Engine for example >>> restricts usage of some python modules. >> >> The simple answer is: they don't. If Maya tried to add security settings to >> files you can bet your own child the uproar would be heard into space, and >> they'd roll back the change pretty quickly. >> >> The same goes for all other packages I've used which implement Python. >> ~ C >> >> _______________________________________________ >> Bf-committers mailing list >> [email protected] >> http://lists.blender.org/mailman/listinfo/bf-committers >> > _______________________________________________ > Bf-committers mailing list > [email protected] > http://lists.blender.org/mailman/listinfo/bf-committers > _______________________________________________ Bf-committers mailing list [email protected] http://lists.blender.org/mailman/listinfo/bf-committers
