[Bf-committers] Python sandbox

Brecht Van Lommel brecht at blender.org
Thu Mar 18 00:55:25 CET 2010


I don't think I'm bringing up anything new here but would like to
point out some things.

First is that there is a difference between Python scripts: one
category is scripts to extend Blender, like exporters. These
fundamentally can't run inside a sandbox since they need to access
files. Some can, but it's not worth making the distinction in my
opinion. I'm not at all worried about this case really; if you
download extensions or plugins, I think people understand these are
potentially unsafe. The bf-extensions repository should work well as a
place to get things officially reviewed, and personally I don't think
it's necessary to do anything more complicated, especially not if it
is something that users have to deal with.

The real problem is loading .blend files, which users may not know is
unsafe. Running scripts is now disabled by default in Blender 2.5, and
users must specify explicitly that they trust the .blend file. This
replaces the security problem with a usability problem, i.e. loading
your own .blend files or e.g. a scripted rig downloaded from the
internet is less convenient this way. We could try to improve this
still, by warning more clearly if there are scripts and perhaps
letting Blender remember which .blend files are trusted.

To completely avoid this problem (which I think is really a usability
problem with scripts disabled by default), we could try to sandbox
such scripts included in .blend files. Besides the fact that Python is
difficult, by accessing Blender data and operators you can still do
the same damage, though it's more complicated. We could try to secure
this, but it is really difficult; in projects that really care about
this (e.g. Firefox) security holes are still found, and I don't think
Blender developers will really want to invest time to make this safe.
It's also not something you solve once; every Blender feature is a
potential security problem. For basic expressions for drivers you
could possibly lock down pretty much everything and still have them
work. For more advanced scripts making e.g. panels or drawing in the
3D view, this will not work, and more advanced rigs will take
advantage of the extensibility of 2.5.

To sum up my opinion, sandboxing is very hard and not something we can
solve once, it requires continuous attention, so let's not even try
it. Instead, the install addon operator should warn about security
problems, and loading a .blend file with scripts should become easier
for users.
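The remark above that basic driver expressions could be locked down while still working, as an added example that is not code from the message or from Blender: a whitelist evaluator built on Python's ast module that accepts only numeric literals, host-supplied variable names, arithmetic and comparison operators and a fixed set of math functions, and refuses everything else (attribute access, subscripts, other calls) before evaluating anything. The whitelist contents and function names are assumptions chosen for illustration.

```python
import ast
import math
import operator

# Functions and operators a driver expression may use (constructed whitelist).
SAFE_FUNCS = {"sin": math.sin, "cos": math.cos, "sqrt": math.sqrt,
              "abs": abs, "min": min, "max": max}
BIN_OPS = {ast.Add: operator.add, ast.Sub: operator.sub,
           ast.Mult: operator.mul, ast.Div: operator.truediv,
           ast.Pow: operator.pow, ast.Mod: operator.mod}
UNARY_OPS = {ast.USub: operator.neg, ast.UAdd: operator.pos}
CMP_OPS = {ast.Lt: operator.lt, ast.Gt: operator.gt, ast.LtE: operator.le,
           ast.GtE: operator.ge, ast.Eq: operator.eq}


class UnsafeExpression(ValueError):
    pass  # raised for anything outside the whitelist


def _eval(node, variables):
    # Numeric literals only; strings and other constants fall through to the raise.
    if isinstance(node, ast.Constant) and isinstance(node.value, (int, float)):
        return node.value
    if isinstance(node, ast.Name):  # only names the host explicitly supplies
        if node.id in variables:
            return variables[node.id]
        raise UnsafeExpression(f"unknown name {node.id!r}")
    if isinstance(node, ast.BinOp) and type(node.op) in BIN_OPS:
        return BIN_OPS[type(node.op)](_eval(node.left, variables),
                                      _eval(node.right, variables))
    if isinstance(node, ast.UnaryOp) and type(node.op) in UNARY_OPS:
        return UNARY_OPS[type(node.op)](_eval(node.operand, variables))
    if (isinstance(node, ast.Compare) and len(node.ops) == 1
            and type(node.ops[0]) in CMP_OPS):
        return CMP_OPS[type(node.ops[0])](_eval(node.left, variables),
                                          _eval(node.comparators[0], variables))
    if (isinstance(node, ast.Call) and isinstance(node.func, ast.Name)
            and node.func.id in SAFE_FUNCS and not node.keywords):
        return SAFE_FUNCS[node.func.id](*[_eval(a, variables) for a in node.args])
    # Attribute access, subscripts, lambdas, other calls: refused, never evaluated.
    raise UnsafeExpression(f"disallowed syntax: {type(node).__name__}")


def eval_driver_expression(expr, variables):
    """Evaluate `expr` using only `variables` and the whitelist above."""
    return _eval(ast.parse(expr, mode="eval").body, variables)


def is_safe_expression(expr, variables):
    try:
        eval_driver_expression(expr, variables)
        return True
    except (UnsafeExpression, SyntaxError):
        return False
```

Because the checker walks the parsed tree rather than the string, it does not rely on pattern-matching suspicious substrings; but as the message says, this only covers the narrow expression case, not general scripts.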

