[Bf-committers] Blender 2.5 malicious scripting

[Rick Yorgason]

Benjamin Tolputt wrote:
> Given both the cross-platform nature of Blender (ruling out IronPython)
> and the fact that Blender uses the C-API of Python quite heavily (ruling
> out Jython, even were a JVM requirement acceptable) - anything but a
> version of CPython (patched or otherwise) is simply outside the scope of
> this or feasible future developments.

It would be a bit of extra maintenance, and I'm sure it's out of the
question to even consider this for 2.6, but you could possibly maintain
two language bindings, at least for a transitional period (i.e. until
the next time the API changes so much that that existing scripts stop
working, which could be quite a while).

That way when somebody asks "How do I get Blender to stop complaining
about insecure scripts?", you can simply answer "Write your scripts in Lua."

And just to save everybody the hassle of pointing out the holes in this
proposal, I'll play devil's advocate with myself:

This feature would be nice to have, but it's probably more work than
it's worth -- on the parts of the developers, the scripters, *and* the
doc writers -- for something as trivial as eliminating a single click
when you open a file.  It's also not as simple as it sounds.  Running
all scripts in a sandbox isn't some magical panacea; a lot of thought
will have to be put into how to deal with file/network resources and the
like.

-Rick-