[Bf-committers] "Security" gets in the way
Ruslan Merkulov
r.merkulov at gmail.com
Thu Apr 29 02:41:06 CEST 2010
joe, I believe, it's possible write a blender python script that will
read your private data and send it to author's email and do all sorts
of other evil stuff. And if you have "Auto-run scripts" turned, all it
takes is a download a blend file, run it and that's it.
On Thu, Apr 29, 2010 at 4:21 AM, joe <joeedh at gmail.com> wrote:
> Why do we need these "security" features anyway? It's not like there
> aren't tons of exploits that could be taken advantage off anyway.
> Blender is a producton 3d app, not a web browser.
>
> Joe
>
> On Thu, Apr 29, 2010 at 2:09 AM, Charles Wardlaw
> <cwardlaw at marchentertainment.com> wrote:
>>> Blender isn't the only 3d app to use python as embedded language. I
>>> wonder how Maya and Houdini deal with these kinds of problems? And not
>>> only 3d packages encounter such issues - Google App Engine for example
>>> restricts usage of some python modules.
>>
>> The simple answer is: they don't. If Maya tried to add security settings to files you can bet your own child the uproar would be heard into space, and they'd roll back the change pretty quickly.
>>
>> The same goes for all other packages I've used which implement Python.
>> ~ C
>>
>> _______________________________________________
>> Bf-committers mailing list
>> Bf-committers at blender.org
>> http://lists.blender.org/mailman/listinfo/bf-committers
>>
> _______________________________________________
> Bf-committers mailing list
> Bf-committers at blender.org
> http://lists.blender.org/mailman/listinfo/bf-committers
>
More information about the Bf-committers
mailing list