[Bf-committers] Python status
Ton Roosendaal
bf-committers@blender.org
Sun, 18 May 2003 12:10:40 +0200
Hi Michel,
Great work! And my compliments for Willian too!
About security issues, here's what I thought of in the past:
Python will get two security modes:
1. Sandboxed.
Only access is allowed to write to a default data space at the disk
(for example $HOME/.blender/python/). Executing commands and importing
is limited to the sandboxed area as well. (is that possible?)
2. Free.
All python commands available.
Further we define that automatic executing of commands (scriptlinks,
pull down menus or autostart editors) are only allowed in Sandbox mode.
Mode 'Free' is only possible by manually executing the script in the
Blender text editor. A user preset can also make the text editor
running sandboxed by default.
I think this limitation is acceptable, since 99% of the python scripts
are supposed to work with Blender internals only. If a python script
needs to export data, it can safely use the Blender fileselect for
that, or just write to the Sandbox area.
Of course someone can still create a script that harms your system, but
it won't be able to virally spread itself. I don't really like to add a
default security layer with SSL, passwords, signatures and stuff like
that.
What do you think?
-Ton-
On Saturday, May 17, 2003, at 20:55 Europe/Amsterdam, Michel Selten
wrote:
> Hi,
>
> In this mail I want to create a summary of the status of the current
> Python API. With this I hope to get a feeling if it's possible to have
> the new implementation ready for Blender 2.28. Any updates are welcome
> If there's somebody working on a point, I've written his name behind it
> between this-> (...) :)
>
> Critical:
> ---------
> The points below are needed for the Python API. These were either in
> the
> old API, or are just critical :)
>
> * Implement the main Blender module
> done
> * Implement the BGL module
> done
> * Implement the Camera module
> done
> * Implement the Draw module
> done
> * Implement the Image module
> done
> * Implement the IPO module open
> * Implement the Lamp module
> done
> * Implement the Material module open
> * Implement the Mesh module (IanWill) open
> * Implement the NMesh module (IanWill) open
> * Implement the Object module (Michel) open
> * Implement the Scene module open
> * Implement the Text module
> done
> * Implement the Window module
> done
> * Find a resolution for the security issues. open
> For a summary, see the end of this mail.
>
> High Priority:
> --------------
> The points below are not critical for a 2.28 release, but should have
> been fixed before it.
>
> * Update the comments for each module. open
> In the header comment I wrote "This is a new part of blender".
> This should be replaced by a short description of the module.
> * Write some standard test scripts for testing the (IanWill) open
> API
> ---> IanWill could use some help on this though.
> * Write a Blender Python API description (IanWill) open
> ---> IanWill could use some help on this though.
> * Write a tutorial on how to implement a new Python (Michel) open
> module.
> IanWill already has written a nice short description that
> covers a small part of this tutorial. He'll add it to cvs
> someday :)
> * Create a seperate script for VRML import/export open
> This can be distributed with blender then. The script
> could function like the Yafray import/export script
> * Remove the freeze stuff and source/blender/bpython from open
> the build process. This needs to be done _after_ the
> critical points are resolved.
>
> Low Priority:
> -------------
> The points below are not critical for a 2.28 release. These should be
> an
> addition to the current (2.27) API.
>
> * Add FileSelector to the Windows module
> done
> * Add ImageSelector to the Windows module
> done
> * Create new Armature module (Jordi) open
> * Create new Bone module (Jordi) open
> * Create new Curve module
> done
> * Create new World module open
> * Write some tutorials on how to use the Python API open
> (Including the new stuff)
>
> Security issues:
> ----------------
> Python is a full fledged script language that provides all the tools to
> delete files from your drive, format it, send mails, ...
> In other words it has the features to implement a nice virus :/
> Now, blender can execute a script when a .blend file is opened. So when
> a new tutorial guide becomes available, it's very easy for the writers
> to put some malicious .blend file in there.
> Also, when somebody reports a bug report, and provides a .blend file,
> he
> could have written a script that deletes your files.
> Currently, discussion is going on about that issue, but feel free to
> join in :)
>
> This summary has been sent to the Blender-Python mailing list first,
> but
> now after some updates I feel everybody should know about it :)
>
> With regards,
> Michel
>
>
> _______________________________________________
> Bf-committers mailing list
> Bf-committers@blender.org
> http://www.blender.org/mailman/listinfo/bf-committers
>
>
------------------------------------------------------------------------
--
Ton Roosendaal Blender Foundation ton@blender.org