[Bf-committers] Blender security paranoia

Mike Belanger mikejamesbelanger at gmail.com
Tue Mar 23 19:11:14 CET 2010


Couldn't agree more with both of you.  Anyone in this day in age uses
regular backups, not just when they THINK their might be a system failure.
If you have work you care about, but you don't backup on a regular basis,
you are a douche.  Its so easy to do, and you should do it even if Blender
developes some new-fangled python-sandboxing.

I think the bigger danger is if these superflous security featurse are
actually attempted, and more critical things ( ie general stability) are
overlooked or neglected.

On Tue, Mar 23, 2010 at 9:12 AM, §ĥřïñïďĥï Ŗäö <shrinidhi666 at gmail.com>wrote:

>  On Tue, Mar 23, 2010 at 7:30 PM, Raul Fernandez Hernandez <
> raulf at info.upr.edu.cu> wrote:
>
> > Hi all :)
> >
> > WARNING: this email is not targeted to anybody in particular, is just my
> > opinion and I like to learn from my mistakes :)
> >
> > I think is good to think in all threat possibilities that could arise in
> > the future but I really don't understand all the paranoia that has being
> > awaken toward Blender.
> >  It makes more harm than good because it introduce the fear in the
> > Blender ecuation , the user that will make .blend content that is worth
> > downloading and sharing will not burn his hard earned reputation in
> > making scripts for stealing user information or deleting user files.
> >  C'mon we are 3D guys working hard for making .... well, you guess, 3D ,
> > is very different from people killing time writing trash on Word or
> > Power-points and also from a malicious developer point of view the user
> > share of Blender (and really from any 3D app) is not worth it.
> >  In all the blender history mention a case when something like that have
> > happened before.
> >  And while that is not a strong argument that prevent such situations
> from
> > happening in the future I think such level of security is an SO duty, not
> > an app task.
> >  Blender could not live without python and making mechanisms for avoid
> > automatic and hiding script running is OK, but I think we should not
> > take that further.
> >
> >                                        Regards farsthary
> >
> >
> >
> >
> I agree with you anytime..:) . Instead of concentrating on such "security "
> issues which is not worth the effort because IF a person intends to put
> some
> malicious code HE WILL put it at any cost even with high security settings
> .. :( ... I  would rather suggest to get the API to a stable condition and
> make it more straight forward than thinking about security. As i told in my
> earlier mail that making a software more secure makes it highly unusable in
> a production environment which needs a lot of automation .. just my 2 cents
> . :)
>
> regards
> shrinidhi
>
>
>
> --
> Ęvęņ ģóđ fąįļş ŧŏ ųŋđęŗşţąņđ å ĥųmąņ ųņţĭļ ĥĭş đęąţĥ
>
> http://www.linkedin.com/in/shrinidhi666
> http://www.shrinidhi666.wordpress.com
> http://www.imdb.com/name/nm3025616
>  _______________________________________________
> Bf-committers mailing list
> Bf-committers at blender.org
> http://lists.blender.org/mailman/listinfo/bf-committers
>



-- 
www.watchmike.ca


More information about the Bf-committers mailing list