[Bf-committers] "Security" gets in the way
Martin Poirier
theeth at yahoo.com
Thu Apr 29 06:02:56 CEST 2010
--- On Wed, 4/28/10, Charles Wardlaw <cwardlaw at marchentertainment.com> wrote:
> I'm surprised that nobody has mentioned the simple solution
> of
> disallowing automatic scripts and scripted constraints from
> accessing
> the os and sys modules (perhaps limiting imports to only
> bpy).
That's because it doesn't work. Anybody that really wants to get around such a block can (and get access to all file read and write functionality).
One of the only safe way to sandbox CPython would be to wrap the whole low level Clib and event that most likely would leave some holes (beside being a mammoth task).
Martin
More information about the Bf-committers
mailing list