[Bf-committers] Please turn off Auto Run Python Scripts by default

Domino Marama domino at dominodesigns.info
Fri Jun 7 12:08:45 CEST 2013


On 06/07/2013 10:21 AM, Ton Roosendaal wrote:
> Hi Campbell,
>
> I don't know enough about Python internals, so I depend on someone to help designing a sane way to handle security risks here. There must be ways we can help users?
>
> Look for example at the standard UI scripts. Apart from 1 case, there's no "import os" anywhere. Same goes for essential scripts riggers or animators use.
>
> So, why not add a provision in Blender code to check on such cases. Just don't allow import of any module = safe script? In all other cases: needs to be explicitly permitted to run. 
>
> Something like this would make a "trusted source" option on file loading more useful. Right now, unticking "trusted source" is almost equivalent to "disable useful features".
>
>
>>> oh = 'SOS HELP!'
>>> ohoh = __import__(oh[1:3].lower())
>>> ohoh
<module 'os' from '/home/domino/Applications/blender-2.67-linux-glibc211-x86_64/2.67/python/lib/python3.3/os.py'>

On Linux distros where system Python is used, I doubt anything can be
done to prevent the import function from being used.

Load Blender with a console and check that the startup message is on it.
Then paste this into, say, the frame number field:

eval("__import__('os').system('clear')", {})

Now check the console again. Just checking scripts for imports isn't enough.
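An added illustration of this point, not code from the original thread: the script samples below are constructed for the example (the second one is the `__import__` trick shown in the message above). It implements Ton's proposed rule as a static AST scan for import statements, a stricter variant that also flags direct use of `__import__`, `eval`, `exec` and `compile`, and then runs each sample to see whether it actually obtained the `os` module regardless of what the static checks said. The sample names, the `result` convention and the `RISKY_NAMES` list are assumptions made for the example.

```python
import ast

# Constructed sample scripts (not from the original thread, except the
# second, which is Domino's __import__ trick). Each binds the name `result`;
# the audit checks whether that name ends up holding the os module.
SAMPLES = {
    "plain_import": "import os\nresult = os",
    "dunder_import": "oh = 'SOS HELP!'\nresult = __import__(oh[1:3].lower())",
    "eval_string": "result = eval(\"__import__('os')\", {})",
    "exec_string": "ns = {}\nexec('import os', ns)\nresult = ns['os']",
    # No import statement and no direct reference to a risky builtin: the
    # import function is fetched out of the builtins namespace by a string
    # assembled at runtime, so nothing here is visible to a static scan.
    "builtins_lookup": (
        "b = globals()['__builtins__']\n"
        "b = b if isinstance(b, dict) else vars(b)\n"
        "result = b['__imp' + 'ort__']('os')"
    ),
}

# Builtins that hand out module objects or run arbitrary code; a name
# blocklist like this (an assumption for the example) is what a "stricter"
# static check would typically add on top of the import-statement rule.
RISKY_NAMES = {"__import__", "eval", "exec", "compile"}


def has_import_statement(source: str) -> bool:
    """Ton's proposed rule: flag any `import` / `from ... import` statement."""
    tree = ast.parse(source)
    return any(isinstance(n, (ast.Import, ast.ImportFrom)) for n in ast.walk(tree))


def has_risky_name(source: str) -> bool:
    """Stricter rule: import statements or a direct reference to RISKY_NAMES."""
    tree = ast.parse(source)
    return any(
        isinstance(n, (ast.Import, ast.ImportFrom))
        or (isinstance(n, ast.Name) and n.id in RISKY_NAMES)
        for n in ast.walk(tree)
    )


def reaches_os(source: str) -> bool:
    """Run the script in a fresh namespace and report whether it obtained os.

    This is the ground truth the static checks are measured against. It is
    only safe here because the samples are our own and do nothing beyond
    importing os.
    """
    ns = {}
    exec(source, ns)
    return getattr(ns.get("result"), "__name__", None) == "os"


def audit(samples=SAMPLES):
    """Return {name: (import_stmt_flagged, risky_name_flagged, got_os)}."""
    return {
        name: (has_import_statement(src), has_risky_name(src), reaches_os(src))
        for name, src in samples.items()
    }


if __name__ == "__main__":
    for name, (stmt, risky, got_os) in audit().items():
        print(f"{name:16} import-stmt={stmt!s:5} risky-name={risky!s:5} reaches-os={got_os}")
```

Run as a script it prints one row per sample: the import-statement rule flags only the first script, the name blocklist flags four of the five, and every one of them ends up holding `os`. The last sample is the important one: a scan of the source text cannot tell that `'__imp' + 'ort__'` is an import, which is why a meaningful "trusted source" boundary has to be enforced by what the interpreter is allowed to reach, not by what the script appears to say.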

