On 06/07/2013 10:21 AM, Ton Roosendaal wrote:
> Hi Campbell,
>
> I don't know enough about Python internals, so I depend on someone to help
> design a sane way to handle security risks here. There must be ways we can
> help users?
>
> Look for example at the standard UI scripts. Apart from 1 case, there's no
> "import os" anywhere. Same goes for essential scripts riggers or animators
> use.
>
> So, why not add a provision in Blender code to check on such cases. Just
> don't allow import of any module = safe script? In all other cases: needs to
> be explicitly permitted to run.
>
> Something like this would make a "trusted source" option on file loading more
> useful. Right now, unticking "trusted source" is almost equivalent to
> "disable useful features".
>
>
>>> oh = 'SOS HELP!'
>>> ohoh = __import__(oh[1:3].lower())
>>> ohoh
<module 'os' from '/home/domino/Applications/blender-2.67-linux-glibc211-x86_64/2.67/python/lib/python3.3/os.py'>
On Linux distros where system Python is used, I doubt anything can be
done to prevent the import function from being used.
Load Blender with a console, check there's the startup message on it.
Then paste this into say the frame number field..
eval("__import__('os').system('clear')", {})
Now check console again.. Just checking scripts for imports isn't enough.
_______________________________________________
Bf-committers mailing list
[email protected]
http://lists.blender.org/mailman/listinfo/bf-committers
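An added example, not part of the thread and not Blender's own code, that puts the two checks side by side: the text-level "does the script contain an import statement?" test proposed above, and an AST-based check that also sees the `__import__` and `eval` constructs shown in the reply. The sample scripts and the set of flagged builtins are constructed for this example.

```python
# Added example (not from the thread or from Blender's code base): compare the
# naive "does the script contain an import statement?" check proposed in the
# thread with an AST-based check that also sees the constructs the reply
# demonstrates. Sample scripts below are constructed for this example.
import ast
import re

# Builtins that load or run code without an import statement. This set is an
# assumption made for the example, not a list Blender uses.
DYNAMIC_LOADERS = {"__import__", "eval", "exec", "compile"}

# Constructed sample scripts: a harmless UI-style script, an explicit import,
# and the two tricks shown in the thread.
SAMPLES = {
    "trusted_ui": (
        "class HelloPanel:\n"
        "    def draw(self, context):\n"
        "        context.layout.label(text='Hello')\n"
    ),
    "explicit_import": "import os\nos.system('clear')\n",
    "obfuscated_import": "oh = 'SOS HELP!'\nohoh = __import__(oh[1:3].lower())\n",
    "eval_trick": "eval(\"__import__('os').system('clear')\", {})\n",
}

_IMPORT_STMT = re.compile(r"^\s*(?:import|from)\s+\w", re.MULTILINE)


def naive_import_check(source):
    """The text-level check from the thread: does any line start with an
    import statement? Returns True when one is found."""
    return _IMPORT_STMT.search(source) is not None


def ast_import_check(source):
    """Parse the script and report import statements plus any reference to a
    builtin that can load or run code. Returns a list of findings; an empty
    list means nothing was flagged. Unparseable source is itself a finding,
    because a script that cannot be parsed cannot be vetted."""
    try:
        tree = ast.parse(source)
    except SyntaxError:
        return ["unparseable source"]
    findings = []
    for node in ast.walk(tree):
        if isinstance(node, (ast.Import, ast.ImportFrom)):
            findings.append(f"line {node.lineno}: import statement")
        elif isinstance(node, ast.Name) and node.id in DYNAMIC_LOADERS:
            # Flag the name wherever it appears, called or not: a bare
            # reference can be stored and called later.
            findings.append(f"line {node.lineno}: use of {node.id}")
    return findings


def compare_checks(source):
    """Return (naive_result, ast_findings) for one script."""
    return naive_import_check(source), ast_import_check(source)


if __name__ == "__main__":
    for name, script in SAMPLES.items():
        naive, findings = compare_checks(script)
        print(f"{name:18} naive={naive!s:5} ast={findings}")
```

Running it shows the naive check passing both tricks from the thread as "no imports", while the AST check flags `__import__` on line 2 of the obfuscated script and `eval` on line 1 of the other. Two caveats matter for anyone building a "trusted source" gate on this: the AST check flags the `eval` call but never looks inside the string it is given, and the empty `{}` passed as globals in the thread's example does not restrict anything, because `eval` inserts `__builtins__` into a globals dict that lacks it. As the reply says, a check like this can back an allow-list for scripts that plainly need no imports, but it is a heuristic, not a sandbox.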