[Bf-committers] "Security" gets in the way

Benjamin Tolputt btolputt at internode.on.net
Fri Apr 30 02:04:15 CEST 2010


Michael Fox wrote:
> Ok it seems we are getting nowhere fast on this, so to address the
> original issue, have it off by default as that is what seems to be
> causing the most troubles, yet keep it there for those who need it (ie
> paranoid IT people :) ), 
>   

To be honest, I think the reason it is not getting anywhere is two-fold.
Firstly, the "default off" /solution/ that is proposed is *not* a
solution. It's like making entering a password optional. Unless it is by
default *on*, the people most vulnerable to an attack are going to be
those that don't turn it on.

> as in a studio you will mainly be using internal scripts for like rigs
> and such not much from the external world
>   

OK, and when rigs do come in from the outside world, like in the recent
Durian townsfolk sprint, we *know* that those most experienced in
Blender will check them for malicious scripts and/or only open them on
machines locked out of the network, right? We still haven't got an
answer on that. I think that is pretty telling.

> also to show the danger to new users put a warning on the download page
> in nice red letters at the top
>
> all of this is done until a suitable option is available, and dropping
> python altogether is certainly not a viable alternative
>   

Warning, I am happy to have. Without cooperation from the Python
development team though, keeping Python is not a viable alternative
either. Something might come out of PyPy (currently they still have "all
or nothing" security, not context-by-context restriction) which will
make this all moot.

> now can this argument please end?
>   

I'm simply replying to emails on the subject. It's not like this has
been going for a week and debates on controversial subjects like this are
not going to be solved by asking people to "just agree". Should one of
the core devs ask me to stop mailing on the subject, I will of course do
so - it is, after all, their opinion on the matter I am trying to ascertain!


