[Bf-committers] Please turn off Auto Run Python Scripts by default

Yu Asakusa yu.asakusa at gmail.com
Tue Jun 4 15:50:31 CEST 2013


Dear Thomas,

As I wrote in the first email, I know there are options to change the
behavior, and I am questioning the *default* behavior.

I agree a confirmation popup is not nice, but I am suggesting the
confirmation as a compromise to make Blender secure by default without
causing data loss to users whose workflow relies on autorun.

Yu

On Tue, Jun 4, 2013 at 9:34 AM, Thomas Dinges <blender at dingto.org> wrote:
> Hi,
> as someone previously said, you can start Blender with a parameter (-Y),
> to not start scripts automatically, so there is already an option. You
> can set that to your blender.exe or so, then you don't have to manually
> set it on each startup.
> Having a confirmation popup "Do you really want to run the script?" is
> not a good idea, whether as a preference or not.
>
> Thomas
>
> On 04.06.2013 15:23, Yu Asakusa wrote:
>> Thank you for the reply, and especially for the pointer to the
>> previous discussion in April and May 2010.  I was not aware of it.
>>
>> I think I took a look at all the messages in that thread in the
>> archive.  Now I understand it is unacceptable to some people to
>> disable autoruns by default.  So I will change my suggestion to the
>> following:  Please add an option to confirm before Blender runs Python
>> scripts automatically, and turn on this new option by default.
>> Probably this option should be ignored in the batch mode.
>>
>> I tried to find this suggestion in the past thread, but I could not
>> find it.  Excuse me if this was already suggested and rejected for
>> some reason and I overlooked it, but in that case I am curious what
>> the reason for rejection was.
>>
>> On Tue, Jun 4, 2013 at 8:15 AM, Brecht Van Lommel
>> <brechtvanlommel at pandora.be> wrote:
>>> There was a decision to turn autorun on even if it causes potential
>>> security issues, what it comes down to is that we can't really secure
>>> python scripts, but they are critical for many artists' workflows.
>>>
>>> For a long discussion on the topic see here:
>>> http://lists.blender.org/pipermail/bf-committers/2010-April/027216.html
>>>
>>> On Tue, Jun 4, 2013 at 12:51 PM, Yu Asakusa <yu.asakusa at gmail.com> wrote:
>>>> Hello,
>>>>
>>>> Currently “Auto Run Python Scripts” in the File tab in the user
>>>> preferences (UserPreferencesSystem.use_scripts_auto_execute in Python)
>>>> is turned on by default.  Please turn it off by default.
>>>>
>>>> The current default setting means that when users open a blend file,
>>>> Blender runs any Python scripts in the file as long as they are marked
>>>> for auto-run.  Python scripts can read/write local files and do other
>>>> malicious things.  Therefore, if users would like to open an untrusted
>>>> blend file, they must explicitly disable auto-run by either turning
>>>> off “Auto Run Python Scripts” in the user preferences or turning off
>>>> the “Trusted Source” checkbox in the File Browser window.  (See also
>>>> my post on Google+
>>>> <https://plus.google.com/u/0/102042171744549015655/posts/2ayrQg2gUG6>.)
>>>>
>>>> I do not think many users know it is dangerous to open an untrusted
>>>> blend file with the default settings in Blender.  It is different from
>>>> the common expectation for file-editing programs such as word
>>>> processors: opening an untrusted file in file-editing programs is
>>>> usually not considered to be a security risk.  In other words, in
>>>> file-editing programs, it is the program’s responsibility to prevent
>>>> attacks even if users open malicious files.  Depending on the point of
>>>> view, the current default behavior may be considered as a security
>>>> vulnerability in Blender because of the mismatch between the user’s
>>>> expectation and the actual behavior.
>>>>
>>>> Regards,
>>>> Yu
>>>> _______________________________________________
>>>> Bf-committers mailing list
>>>> Bf-committers at blender.org
>>>> http://lists.blender.org/mailman/listinfo/bf-committers
>
>
> --
> Thomas Dinges
> Blender Developer, Artist and Musician
>
> www.dingto.org
>