[Bf-committers] Python security - proposal
Jochen Schmitt
Jochen at herr-schmitt.de
Sun Jun 9 21:07:34 CEST 2013
On Sun, Jun 09, 2013 at 03:02:37PM +0200, Ton Roosendaal wrote:
> 1) "Trusted source" for autorun scripts gets default disabled.
>
> 2) On loading a .blend with autorun script, we notify a user of that. How that UI will work exactly has a number of solutions we can investigate further. I suggest Campbell to investigate it and test some ideas and propose that here.
>
I want to make the following suggestion:
We should introduced a second suffix for .blend files called .blendm.
The differences between .blend and .blendm should be the following:
On .blend files the execution of python scripts is generally disallowed.
.blendm files can contain executable python scripts.
So we have the following advantages:
1.) The use can disliguish between .blend files with and without python scripts.
2.) Firewalls may able to fillter .blend files with pythons scripts for security reasons.
3.) We need no special UI for open .blend files in opposire of Ton suggestion.
You can found a simulary solution on the office products of a well knewn software
company.
Of course we may implement an infrastructure to signing .blendm files to
mark them as trustworth in a second step.
Best Regards:
Jochen Schmitt
More information about the Bf-committers
mailing list