[Bf-committers] Please turn off Auto Run Python Scripts by default

Yu Asakusa yu.asakusa at gmail.com
Thu Jun 6 13:34:14 CEST 2013


>> The section you added gives a clear
>> explanation of the stance of developers that they accept the risk of
>> opening an untrusted blend file.
>
> That's not really true, it only explains how things work currently.
> I still aim for finding decent ways to better handle this risk.

My apologies.  I meant that the section explains the stance of
developers so far which resulted in the current code, and therefore it
explains the risk of the current code clearly.

Things can change in the future, and I know you are trying to handle
the risk in a better way.  Although I cannot join the technical
discussions, thank you for taking the initiative in resolving this
issue better!

Regards,
Yu

On Thu, Jun 6, 2013 at 7:08 AM, Ton Roosendaal <ton at blender.org> wrote:
> Hi,
>
>> The section you added gives a clear
>> explanation of the stance of developers that they accept the risk of
>> opening an untrusted blend file.
>
> That's not really true, it only explains how things work currently.
> I still aim for finding decent ways to better handle this risk.
>
> -Ton-
>
> --------------------------------------------------------
> Ton Roosendaal  -  ton at blender.org   -   www.blender.org
> Chairman Blender Foundation - Producer Blender Institute
> Entrepotdok 57A  -  1018AD Amsterdam  -  The Netherlands
>
>
>
> On 6 Jun, 2013, at 12:57, Yu Asakusa wrote:
>
>> On Tue, Jun 4, 2013 at 11:40 PM, Campbell Barton <ideasman42 at gmail.com> wrote:
>>> To avoid further threads on this topic added a section to our developer FAQ.
>>>
>>> http://wiki.blender.org/index.php/Dev:Doc/FAQ#How_Does_Blender_Deal_with_Security.3F
>>
>> Thank you for taking an action.  The section you added gives a clear
>> explanation of the stance of developers that they accept the risk of
>> opening an untrusted blend file.  Although a section in the
>> *developer* FAQ is probably not read by many users, I think it is good
>> as a first step toward communicating the risk to users.
>>
>> Even if users have to accept some risk when they open downloaded blend
>> files, I hope this risk can be reduced by improving Blender in some
>> way.  But beyond this intuitive level, I cannot follow the discussion,
>> so I will leave the discussion to people who know the matter well.
>> _______________________________________________
>> Bf-committers mailing list
>> Bf-committers at blender.org
>> http://lists.blender.org/mailman/listinfo/bf-committers
>
> _______________________________________________
> Bf-committers mailing list
> Bf-committers at blender.org
> http://lists.blender.org/mailman/listinfo/bf-committers


More information about the Bf-committers mailing list