[Bf-committers] Blender security paranoia

Campbell Barton ideasman42 at gmail.com
Wed Mar 24 21:37:54 CET 2010


Currently I don't think any of the blender core developers really care
a lot about security (except for Ton who got the ball rolling), so
while we can have interesting email discussions, I'd rather some of the
people who DO care about security look at ways to improve it.

We're open for patches! :-)

On Wed, Mar 24, 2010 at 9:18 PM, Benjamin Tolputt
<btolputt at internode.on.net> wrote:
> Ton Roosendaal wrote:
>> I would consider such a popup the worst of all compromises. If every
>> other option has been exhausted, maybe.
>>
>
> Without disrespect, there really are no other compromises for security
> purposes. Either you remove or otherwise sandbox the internal
> PyConstraints & other automatic Python hooks coming from the .blend file
> (something I think we've determined is impossible at this point in time)
> or you warn the user about the possibility of untrusted scripts with a
> pop-up (with possibility of disabling them). With the first (safest)
> option removed due to design/time constraints - it really only leaves
> the poor man's security of warning the user.
>
> Python has access to everything the user account does that ran Blender.
> Either you limit that (currently impossible) or you give the user a
> chance to think about the action. It is pretty much the same thing as
> opening an EXE attachment from an email without anti-virus software.
> The email client cannot determine that the exe is safe or not, so warns
> the user. Like most of this software, Blender can have an "I know what
> the hell I'm doing" switch / command line flag that disables the pop-up
> if desired. I really can't see any other choice aside from ignoring the
> problem outright.
>
> --
> Regards,
>
> Benjamin Tolputt
> Analyst Programmer
>
> _______________________________________________
> Bf-committers mailing list
> Bf-committers at blender.org
> http://lists.blender.org/mailman/listinfo/bf-committers
>



-- 
- Campbell

