[Bf-committers] Please turn off Auto Run Python Scripts by default
Jürgen Herrmann
shadowrom at me.com
Tue Jun 4 20:20:14 CEST 2013
That is what I meant, it's a delicate topic.
It is not very likely that this happens, but it is not impossible.
We could wait until this happens the first time and react later or we could
act preventative.
But in the end it is absolutely indifferent what we do. Some users will
always complain about it.
/Jürgen
-----Ursprüngliche Nachricht-----
Von: bf-committers-bounces at blender.org
[mailto:bf-committers-bounces at blender.org] Im Auftrag von Thomas Dinges
Gesendet: Dienstag, 4. Juni 2013 20:16
An: bf-blender developers
Betreff: Re: [Bf-committers] Please turn off Auto Run Python Scripts by
default
I may see this too simple, but you also don't run any .exe file you get your
hands on, on your computer.
In the end it all comes down to "Do I trust the source, yes or no." ;)
Come on, how often did you got a virus or so via a .exe or so, and how often
via a .blend file?
Am 04.06.2013 19:58, schrieb David Jeske:
> On Tue, Jun 4, 2013 at 8:05 AM, Brecht Van Lommel <
> brechtvanlommel at pandora.be> wrote:
>
>> Here's another discussion where the popup idea comes up:
>> http://lists.blender.org/pipermail/bf-committers/2010-March/026573.ht
>> ml
>>
>> It's a tradeoff, do we really want to degrade usability for this?
>
> I don't think this is a question of degrading expert blender usability.
> It's a question of protecting a broader less expert userbase from
> malicious blend files.
>
> I think your previous post is an excellent case for not SILENTLY
> disabling scripts by default. [1] However, this is not the only
> option. For nearly a decade MS-Word has been using a challenge dialog
> before running scripts. Is there ideological opposition to default to
> showing a dialog before processing python scripts in a blend file?
>
> The decision at the time was that no, we do not. Also note that even
>> disabling scripts does not make Blender secure, there's dozens of
>> other ways to create malicious .blend files.
>>
> What are the other "dozen" ways blender could
> read/destroy/send-files-to-the-internet/install-viruses with python
> scripts disabled?
>
> [1]
> http://lists.blender.org/pipermail/bf-committers/2010-April/027216.htm
> l _______________________________________________
> Bf-committers mailing list
> Bf-committers at blender.org
> http://lists.blender.org/mailman/listinfo/bf-committers
--
Thomas Dinges
Blender Developer, Artist and Musician
www.dingto.org
_______________________________________________
Bf-committers mailing list
Bf-committers at blender.org
http://lists.blender.org/mailman/listinfo/bf-committers
More information about the Bf-committers
mailing list