On Thu, Jun 6, 2013 at 6:47 PM, Ton Roosendaal <[email protected]> wrote: > Hi, > > I think you give up too easily here. :) For example, we could also make a > bpy.os module, and mark scripts that use this as 'trusted'. Scripts using the > os.module itself then require a user to explicitly run it, or being embedded > in a file marked trusted (own files etc).
You know I already attempted this and have been shown by developers more expert in CPython internals then me, that CPython makes not effort to support such limitations and that is trivial to workaround them. You assume there is an effective way to control module importing (that we could even stop a script from using any of CPythons bundled modules - `os` included). I'd want good evidence this can be done, until someone shows this - I'll assume it can't. > This is not to forbid using os module, it's to not make such scripts run > automatic. > > The main issue would be first to sanitize our non-python writing code, make > sure this goes more secured and controlled. Once that's in place, scripters > can use that as well, and get free support for the features we use in Blender > C code all over as well. > > -Ton- _______________________________________________ Bf-committers mailing list [email protected] http://lists.blender.org/mailman/listinfo/bf-committers
