[Bf-committers] parsing Blender and math expressions?

[Theo de Ridder]

On 30 apr 2010, at 12:00, bf-committers-request at blender.org wrote:

> Triggered by the crazily exploded security/sandboxing talk, I looked a 
> bit into what kind of mathematical expression parsers etc. 

well, I was triggered too, and having just recently thought about pragmatic en pythonic ways
to get around with sandboxing and downscaling Python without giving up its basic elegance as
front-end for artistic programming, I decided to become finally a bit active in this mailing list;

my basic approach is the other way around of parsing source code: making decorators
that analyse generated byte-code and even transform byte-code; I have used this in an IDE
for advanced impact-analysis and global flow analysis that work through metaclasses
(in contrast to pychecker), and also for generating 'bytecode' for extreme small sensor nodes.

at this moment I am working on a bridge between Python and Lua, it is a chunk decorator that
maps Lua syntax and semantics 1-1 on natural Python syntax and semantics, it executes
directly within Python, and its __str__ produces the equivalent LUA source code;

and this is my pragmatic and scalable suggestion towards more security:
the total amount of Python code in a Blender application in general will not be that huge (< 10000 lines);
Pythons standard compiler is very fast, and filters on produced byte-code can be fast too.
if such filters classify compiled code in a certain scale of trust, it is up to the user (or moderator) to
do some code inspection of indicated low trust without the need to look everywhere.

~Theo