[Bf-committers] Please turn off Auto Run Python Scripts by default

Campbell Barton ideasman42 at gmail.com
Wed Jun 5 19:55:25 CEST 2013


Hacked os module isn't really an option, Python uses this for its
internal operations all over the place - a lot of python modules are
written in Python so these would break.

In python3.3 module dir...
find -name "*.py" | xargs grep "\bos\." | wc -l
--> 7833

Attempting to let Python do its own thing but sandbox Blender scripts
also cant work well,

In the BGE we did have some basic security (disable some modules &
open()... iirc),
But this is trivially easy to workaround - as in one line of python to
get access to the real modules/functions.

The only way I could see this working would be to do this on a libc
level - replacing pythons own calls to open() / fopen() etc. But this
also gives high risk of breaking Python its self.


More information about the Bf-committers mailing list