[Bf-committers] Python status

Charles Wardlaw bf-committers@blender.org
Sat, 17 May 2003 12:30:26 -0700 (PDT)


> * Create a separate script for VRML import/export
>   This can be distributed with blender then. The script
>   could function like the Yafray import/export script

If the script is distributed with Blender, as with the Yafray script,
wouldn't the script menu function be a nice side-addition?  Perhaps the
default b.blend would include yafray export / import and VRML
import/export in that menu by default.  The scripts could live in the
~/.blender/plugins directory, or in the app bundle on OSX.

> Security issues:
> Python is a full-fledged script language that provides all the
>>> snip <<<
> Currently, discussion is going on about that issue, but feel 
> free to join in :)

There are three things I can think of off the top of my head (stop me
if they've already been brought up on the python list).  First, a
disabling of potentially dangerous functions by way of a global program
variable / toggle button in the userprefs.  Or maybe a security
section, that (dis)allows the running of python scripts at blender
startup, or the running of dangerous functions, or allows the user to
run with gleeful abandon into the arms of whatever evil script-kiddies
can come up with.  User choice.

Second, a check to see whether blender's being run as a super user --
then a second set of failsafes could come into play, disallowing
dangerous function usage, period, unless blender's run with a special
command line, or something.

Third: some kind of script signing?  I know there was talk of removing
OpenSSL, so this might not be the best of ideas, and signatures can be
faked, leading us back to options one and two.

There of course would be ample warning about these "features" in some
readme, so that newbies would know why their export script wasn't
working, etc.  I do think, though, that most people aren't going to use
file writing (I see more people using Python to add functionality for
special 3D geometry generation / editing, or to automate animation, but
few people will be writing exporters), and with proper warning to the
exporter writers of what switches to turn on and where, things would be
fine.

- Charles
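
Options one and two from the message above, sketched as an added example (not code from Blender or from this thread): a preference toggle plus a superuser failsafe that decide whether a script may run and give the user the reason. `ScriptPrefs`, `may_run`, `root_override` and the deny-lists are assumptions made for illustration; the static name scan only illustrates the policy decision and is not a sandbox.

```python
import ast
import os
from dataclasses import dataclass

# Assumed deny-lists: what counts as "dangerous" is a policy choice, not Blender's.
DANGEROUS_MODULES = {"os", "subprocess", "shutil", "socket", "ctypes"}
DANGEROUS_CALLS = {"open", "exec", "eval", "__import__"}

@dataclass
class ScriptPrefs:
    """Hypothetical userprefs security section."""
    run_at_startup: bool = False    # may scripts run when a .blend is opened?
    allow_dangerous: bool = False   # may scripts use deny-listed functions?

def dangerous_uses(source):
    """Return the sorted deny-listed imports and calls found in a script."""
    found = set()
    for node in ast.walk(ast.parse(source)):
        if isinstance(node, ast.Import):
            found |= {a.name.split(".")[0] for a in node.names} & DANGEROUS_MODULES
        elif isinstance(node, ast.ImportFrom) and node.module:
            found |= {node.module.split(".")[0]} & DANGEROUS_MODULES
        elif isinstance(node, ast.Call) and isinstance(node.func, ast.Name):
            found |= {node.func.id} & DANGEROUS_CALLS
    return sorted(found)

def may_run(source, prefs, at_startup=False, euid=None, root_override=False):
    """Return (allowed, reason) for one script under the two proposed checks."""
    if euid is None:  # no geteuid() on Windows; treat as non-root there
        euid = os.geteuid() if hasattr(os, "geteuid") else -1
    if at_startup and not prefs.run_at_startup:
        return False, "startup scripts are disabled in the preferences"
    uses = dangerous_uses(source)
    if not uses:
        return True, "no deny-listed functions used"
    if euid == 0 and not root_override:  # failsafe: root needs an explicit override
        return False, "running as superuser, blocked: " + ", ".join(uses)
    if not prefs.allow_dangerous:
        return False, "disabled in the preferences: " + ", ".join(uses)
    return True, "allowed by user preference"

if __name__ == "__main__":
    # Constructed sample scripts: an exporter that writes a file, a geometry helper.
    exporter = "import os\nout = open('scene.wrl', 'w')\n"
    geometry = "import math\nring = [math.cos(i) for i in range(8)]\n"
    for name, src in (("exporter", exporter), ("geometry", geometry)):
        print(name, may_run(src, ScriptPrefs(), euid=1000))
```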