[Bf-committers] Python sandbox

Benjamin Tolputt btolputt at internode.on.net
Wed Mar 17 10:38:57 CET 2010


Ton Roosendaal wrote:
> Perhaps a Google SoC project to secure Blender's Python could help here.
>   

For people considering this, be aware that securing embedded Python
(which is what this amounts to) is a *very* large task. There is a
reason a "secure Python" isn't out & about, and it is not only because
the core (Python) developers are not interested in it. And the examples
linked to are either limited in what they sandbox (i.e. they can be
worked around), are woefully out-of-date (i.e. would require significant
work to apply to the version of Python used in Blender 2.5), or are not
really feasible for Blender due to Python being embedded (PyPy's
sandboxing).

I am not saying that it shouldn't be done, I'd just be wary of a student
being able to complete the task as a Google SoC project (through lack of
time and/or capability).

-- 
Regards,

Benjamin Tolputt
Analyst Programmer



More information about the Bf-committers mailing list