atom feed94 messages in org.blender.bf-committersRe: [Bf-committers] "Security" gets i...
FromSent OnAttachments
Daniel Salazar - 3Developer.comApr 27, 2010 6:00 pm 
Matt EbbApr 27, 2010 6:17 pm 
Benjamin TolputtApr 27, 2010 7:09 pm 
Benjamin TolputtApr 27, 2010 7:25 pm 
Matt EbbApr 27, 2010 7:33 pm 
Benjamin TolputtApr 27, 2010 7:57 pm 
Campbell BartonApr 28, 2010 1:04 am 
Daniel Salazar - 3Developer.comApr 28, 2010 1:14 am 
Remo PiniApr 28, 2010 1:34 am 
Benjamin TolputtApr 28, 2010 2:36 am 
horace grantApr 28, 2010 4:28 am 
Benjamin TolputtApr 28, 2010 7:06 am 
horace grantApr 28, 2010 7:57 am 
Remo PiniApr 28, 2010 8:32 am 
Nery ChucuyApr 28, 2010 8:42 am 
Raul Fernandez HernandezApr 28, 2010 8:59 am 
male...@licuadorastudio.comApr 28, 2010 9:31 am 
Bassam KurdaliApr 28, 2010 9:55 am 
Raul Fernandez HernandezApr 28, 2010 10:59 am 
Makslane RodriguesApr 28, 2010 1:52 pm 
horace grantApr 28, 2010 2:28 pm 
Matt EbbApr 28, 2010 2:34 pm 
Charles WardlawApr 28, 2010 2:59 pm 
Makslane RodriguesApr 28, 2010 3:15 pm 
Tom MApr 28, 2010 3:16 pm 
Ruslan MerkulovApr 28, 2010 4:33 pm 
Charles WardlawApr 28, 2010 5:09 pm 
67 later messages
Subject:Re: [Bf-committers] "Security" gets in the way
From:Matt Ebb (ma@mke3.net)
Date:Apr 27, 2010 6:17:23 pm
List:org.blender.bf-committers

On Wed, Apr 28, 2010 at 11:00 AM, Daniel Salazar - 3Developer.com <zan@gmail.com> wrote:

In 2.5 since the inclusion of the "trusted source" option this has done nothing but cause problems everywhere

As I was mentioning with Daniel on IRC, I completely agree. These 'security' additions have always caused me more trouble than benefit and I have had the same experiences at my studio in the past. For example:

* People loading up files, animating and keying not knowing that python constraints etc had decided to switch themselves off, meaning that when they were enabled again, the animation was screwed

* Problems with render nodes on farms not enabling drivers/constraints that you only notice once you get a several hour long render back from the farm

This stuff is unnecessary in a studio environment, and costs money directly in wasted time. To paraphrase what I said in IRC, the problem is that this system is trying to solve a problem that a) hasn't existed and b) doesn't actually solve anyway, while at the same time it causing considerable trouble for people who are actually using blender - the cost/benefit equation is way out of whack. There are security risks for any kind of unverified file that you download - it could be a python tool that you download, or for example look at the amount of people who blindly download builds from graphicall.org which could contain anything, or any other files from the internet either.

But now we have this current situation designed to satisfy theoretical concerns by people who may not have to deal with the practical consequences. It won't really stop people from getting into trouble, but instead *stops your own work in your own files from functioning*. This is very frustrating and I think something has to change here.

Matt