On Sun, Jun 9, 2013 at 5:37 PM, Knapp <magick.c...@gmail.com> wrote: >>> Sure, not everyone's a programmer that can inspect the scripts, but at some >>> point I feel the responsibility lies with the users and with the sites >>> offering the .blends to inform them of potential dangers, and not so much >>> with the BF trying to create a super-safe environment. Super-safe in this >>> case translating to crippled or unusable for some. >> >> I think you under estimate how easy it is to hide code in a blend >> file, at the risk of giving people bad ideas... > > I like a lock on a door with windows all over the house, adding some > code to blender to stop viruses will never be perfect but it will stop > the neighborhood kid from breaking in. Just knowing that blender has > some protection will slow down most virus attacks or stop them from > ever even trying. We will never be able to stop governments or other > pros from attacking the program but that does not mean we should not > lock the door.
It seems like you reply to a different point? I'm only saying that its not so fair to expect users to be able to open a blend and check for malicious python scripts. We could have some tool that extracts scripts from a blend (so at least hiding isn't so much an issue), but this isn't really a solution, just a tool that helps in certain situations. _______________________________________________ Bf-committers mailing list Bf-committers@blender.org http://lists.blender.org/mailman/listinfo/bf-committers
