[Bf-committers] Blender security paranoia
mikejamesbelanger at gmail.com
Tue Mar 23 19:11:14 CET 2010
Couldn't agree more with both of you. Anyone in this day in age uses
regular backups, not just when they THINK their might be a system failure.
If you have work you care about, but you don't backup on a regular basis,
you are a douche. Its so easy to do, and you should do it even if Blender
developes some new-fangled python-sandboxing.
I think the bigger danger is if these superflous security featurse are
actually attempted, and more critical things ( ie general stability) are
overlooked or neglected.
On Tue, Mar 23, 2010 at 9:12 AM, §ĥřïñïďĥï Ŗäö <shrinidhi666 at gmail.com>wrote:
> On Tue, Mar 23, 2010 at 7:30 PM, Raul Fernandez Hernandez <
> raulf at info.upr.edu.cu> wrote:
> > Hi all :)
> > WARNING: this email is not targeted to anybody in particular, is just my
> > opinion and I like to learn from my mistakes :)
> > I think is good to think in all threat possibilities that could arise in
> > the future but I really don't understand all the paranoia that has being
> > awaken toward Blender.
> > It makes more harm than good because it introduce the fear in the
> > Blender ecuation , the user that will make .blend content that is worth
> > downloading and sharing will not burn his hard earned reputation in
> > making scripts for stealing user information or deleting user files.
> > C'mon we are 3D guys working hard for making .... well, you guess, 3D ,
> > is very different from people killing time writing trash on Word or
> > Power-points and also from a malicious developer point of view the user
> > share of Blender (and really from any 3D app) is not worth it.
> > In all the blender history mention a case when something like that have
> > happened before.
> > And while that is not a strong argument that prevent such situations
> > happening in the future I think such level of security is an SO duty, not
> > an app task.
> > Blender could not live without python and making mechanisms for avoid
> > automatic and hiding script running is OK, but I think we should not
> > take that further.
> > Regards farsthary
> I agree with you anytime..:) . Instead of concentrating on such "security "
> issues which is not worth the effort because IF a person intends to put
> malicious code HE WILL put it at any cost even with high security settings
> .. :( ... I would rather suggest to get the API to a stable condition and
> make it more straight forward than thinking about security. As i told in my
> earlier mail that making a software more secure makes it highly unusable in
> a production environment which needs a lot of automation .. just my 2 cents
> . :)
> Ęvęņ ģóđ fąįļş ŧŏ ųŋđęŗşţąņđ å ĥųmąņ ųņţĭļ ĥĭş đęąţĥ
> Bf-committers mailing list
> Bf-committers at blender.org
More information about the Bf-committers