[Bf-committers] Please turn off Auto Run Python Scripts by default
David Jeske
davidj at gmail.com
Tue Jun 4 19:58:32 CEST 2013
On Tue, Jun 4, 2013 at 8:05 AM, Brecht Van Lommel <
brechtvanlommel at pandora.be> wrote:
> Here's another discussion where the popup idea comes up:
> http://lists.blender.org/pipermail/bf-committers/2010-March/026573.html
>
> It's a tradeoff, do we really want to degrade usability for this?
I don't think this is a question of degrading expert blender usability.
It's a question of protecting a broader less expert userbase from malicious
blend files.
I think your previous post is an excellent case for not SILENTLY disabling
scripts by default. [1] However, this is not the only option. For nearly a
decade MS-Word has been using a challenge dialog before running scripts. Is
there ideological opposition to default to showing a dialog before
processing python scripts in a blend file?
The decision at the time was that no, we do not. Also note that even
> disabling scripts does not make Blender secure, there's dozens of
> other ways to create malicious .blend files.
>
What are the other "dozen" ways blender could
read/destroy/send-files-to-the-internet/install-viruses with python scripts
disabled?
[1] http://lists.blender.org/pipermail/bf-committers/2010-April/027216.html
More information about the Bf-committers
mailing list