hehe, use lua :D, I shouldnt have suggested this at lunch today! one day I'm told the API needs to be stabilized ASAP, the next, suggestion to switch languages. I cant take this seriously!
LetterRip, both blender2.5 and Maya include their own python, so it doesn't matter if the user has python installed or not. again, the problem isnt that blender embeds python, its that we allow blend files to execute python automatically, effectively making opening a *.blend file as safe as running an *.exe file on windows from some unknown site. (automatic execution is disabled by default but renderfarms would probably need to enable this to be of any use). but you are right, renderfarms should secure their environment, sungrid did this very well. You could not even ping an external URL from a render node. for now I'm happy to have the 'Trusted' option on load, and focus on keeping blender useful rather then try apply the same rules as you would with a web-plugin. Don't know of any developer who is interested in doing this & doubt anything will change. On Wed, Mar 17, 2010 at 6:46 PM, Tom M <letter...@gmail.com> wrote: > Ton, > > on a farm blender would only have access to the folder that the admin has > setup. > > Any computer that has python installed has the exact same security risks. > > These days, pretty much every computer has python preinstalled, > especially one used for animation. > > Every animation tool has the same issue as far as i'm aware > > http://securitytracker.com/alerts/2009/Nov/1023228.html > > LetterRip > > On Wed, Mar 17, 2010 at 8:45 AM, Ton Roosendaal <t...@blender.org> wrote: >> Hi, >> >> I am not talking about "make everything in Python run sandboxed". The >> target can be narrowed down to a simpler task: >> >> 1) support animation scripts (drivers, constraints, fcurve mods) >> 2) interface scripts >> 3) basic import and export >> >> If '3' or even '2' is not possible, we then can try '1' even, it might >> be useful for a total-safe blender to be used on farms, or for bug >> checks, etc. We should be aware that nearly every user won't ever code >> Python tools anyway. >> >> I also dare to challange python.org to look into this topic again. If >> we cannot provide a decent quality and reasonable safe Blender with >> Python, we better ditch it and switch to Lua or so. >> >> -Ton- >> >> ------------------------------------------------------------------------ >> Ton Roosendaal Blender Foundation t...@blender.org www.blender.org >> Blender Institute Entrepotdok 57A 1018AD Amsterdam The Netherlands >> >> On 17 Mar, 2010, at 13:38, Martin Poirier wrote: >> >>> >>> >>> --- On Wed, 3/17/10, Campbell Barton <ideasma...@gmail.com> wrote: >>> >>>> I'm not interested in this for a few reasons... >>>> >>>> * Its a lot of work, even python guys have trouble to do >>>> this well and >>>> there are way more python developers then blenders. >>> >>> For this exact reason, I think it's totally outside the scope of GSOC. >>> >>> Better people have tried and failed before. >>> >>> Martin >>> >>> >>> >>> __________________________________________________________________ >>> Yahoo! Canada Toolbar: Search from anywhere on the web, and bookmark >>> your favourite sites. Download it now >>> http://ca.toolbar.yahoo.com. >>> _______________________________________________ >>> Bf-committers mailing list >>> Bf-committers@blender.org >>> http://lists.blender.org/mailman/listinfo/bf-committers >> >> _______________________________________________ >> Bf-committers mailing list >> Bf-committers@blender.org >> http://lists.blender.org/mailman/listinfo/bf-committers >> > _______________________________________________ > Bf-committers mailing list > Bf-committers@blender.org > http://lists.blender.org/mailman/listinfo/bf-committers > -- - Campbell _______________________________________________ Bf-committers mailing list Bf-committers@blender.org http://lists.blender.org/mailman/listinfo/bf-committers
