[Bf-committers] Please turn off Auto Run Python Scripts by default
Yu Asakusa
yu.asakusa at gmail.com
Tue Jun 4 15:23:19 CEST 2013

Thank you for the reply, and especially for the pointer to the
previous discussion in April and May 2010. I was not aware of it.

I think I took a look at all the messages in that thread in the
archive. Now I understand it is unacceptable to some people to
disable autoruns by default. So I will change my suggestion to the
following: Please add an option to confirm before Blender runs Python
scripts automatically, and turn on this new option by default.
Probably this option should be ignored in the batch mode.

I tried to find this suggestion in the past thread, but I could not
find it. Excuse me if this was already suggested and rejected for
some reason and I overlooked it, but in that case I am curious what
the reason for rejection was.

On Tue, Jun 4, 2013 at 8:15 AM, Brecht Van Lommel
<brechtvanlommel at pandora.be> wrote:
> There was a decision to turn autorun on even if it causes potential
> security issues, what it comes down to is that we can't really secure
> python scripts, but they are critical for many artists' workflows.
>
> For a long discussion on the topic see here:
> http://lists.blender.org/pipermail/bf-committers/2010-April/027216.html
>
> On Tue, Jun 4, 2013 at 12:51 PM, Yu Asakusa <yu.asakusa at gmail.com> wrote:
>> Hello,
>>
>> Currently “Auto Run Python Scripts” in the File tab in the user
>> preferences (UserPreferencesSystem.use_scripts_auto_execute in Python)
>> is turned on by default. Please turn it off by default.
>>
>> The current default setting means that when users open a blend file,
>> Blender runs any Python scripts in the file as long as they are marked
>> for auto-run. Python scripts can read/write local files and do other
>> malicious things. Therefore, if users would like to open an untrusted
>> blend file, they must explicitly disable auto-run by either turning
>> off “Auto Run Python Scripts” in the user preferences or turning off
>> the “Trusted Source” checkbox in the File Browser window. (See also
>> my post on Google+
>> <https://plus.google.com/u/0/102042171744549015655/posts/2ayrQg2gUG6>.)
>>
>> I do not think many users know it is dangerous to open an untrusted
>> blend file with the default settings in Blender. It is different from
>> the common expectation for file-editing programs such as word
>> processors: opening an untrusted file in file-editing programs is
>> usually not considered to be a security risk. In other words, in
>> file-editing programs, it is the program’s responsibility to prevent
>> attacks even if users open malicious files. Depending on the point of
>> view, the current default behavior may be considered as a security
>> vulnerability in Blender because of the mismatch between user’s
>> expectation and the actual behavior.
>>
>> Regards,
>> Yu
>> _______________________________________________
>> Bf-committers mailing list
>> Bf-committers at blender.org
>> http://lists.blender.org/mailman/listinfo/bf-committers