[Bf-committers] Please turn off Auto Run Python Scripts by default
mein at cs.umn.edu
mein at cs.umn.edu
Wed Jun 5 16:44:43 CEST 2013
In reply to Ton Roosendaal (ton at blender.org):
> From: Ton Roosendaal <ton at blender.org>
> Date: Wed, 5 Jun 2013 14:35:16 +0200
> To: bf-blender developers <bf-committers at blender.org>
> X-Mailer: Apple Mail (2.1283)
> Subject: Re: [Bf-committers] Please turn off Auto Run Python Scripts by
> default
> Reply-To: bf-blender developers <bf-committers at blender.org>
>
> Hi,
>
> 3) Formalize definition of "trusted source" better.
>
> - Any .blend file with absolute output paths could be marked untrusted by default.
>
> - Macs (and Windows?) already have a way to detect a downloaded file, which can marked to be untrusted .blend.
>
> - Blender files can also get a User identifier struct, which can be used for various ways to mark files 'trusted' or not.
> In its simplest implementation it can just store an identifier string (copied from userpref) to mark files as "saved by myself".
And we could create a file that stores oked identifiers.
Similar to ssh's known_hosts
If you open a file with an unknown identifier ask do you really want to
open the file, and do you want to store that identifier as trusted.
Kent
More information about the Bf-committers
mailing list