[Bf-committers] Do drivers have to be blocked as python scripts?

Dahlia Trimble dahliatrimble at gmail.com
Thu Jun 5 09:07:16 CEST 2014

Rather than trying to sandbox python or limit functionality, why not just
sandbox the environment blender is running in? One could set up a render
server which clones a previously set up user with all the necessary
software installed in the user's path and setroot it so it can't touch
anything outside of it's home directory. Any render scripts could do
whatever they want and when finished, the user could be archived or
deleted. No need to worry about any malicious scripts because if they mess
anything up it would only be in the temporary user's space and it would be
deleted once the job is finished.

On Wed, Jun 4, 2014 at 11:17 PM, Daniel Salazar - patazstudio.com <
zanqdo at gmail.com> wrote:

> In my experience non techy people will happily ignore the little
> warning we have (happens over and over to my clients and coworkers). I
> propose making a blocking popup like this:
> This file contains drivers and python scripts that have been disabled
> for security reasons.
> * Continue with disabled drivers and scripts
> * Reload with enabled drivers and scripts (trusted sources only)
> * Always open files with enabled drivers and scripts (trusted sources only)
> This will make it easier for people to understand what's happening and
> ensure it can't be ignored.
> Daniel Salazar
> patazstudio.com
> _______________________________________________
> Bf-committers mailing list
> Bf-committers at blender.org
> http://lists.blender.org/mailman/listinfo/bf-committers

More information about the Bf-committers mailing list