[Bf-committers] Blender security paranoia
Tyler Tricker
tntricker at gmail.com
Tue Mar 30 07:03:44 CEST 2010
This may not apply for windows or osx but linux could use signed packages
for trusted scripts which would prevent any malicious scripts from trashing
any essential scripts and permissions can be used to limit blender(and
python) to a single working user directory(revision control on the project
would be useful in case of a malicious script), so if security is essential
tutorials could be written to setup a more secure working environment. Maybe
the blender dev's should just find someone with some good environment setup
skills and incorporate them into the installation process. (at least for the
short term)
Also a command line flag should be used to turn autoscript execution on, I
think most users are against all nonessential popups.
More information about the Bf-committers
mailing list