atom feed94 messages in org.blender.bf-committersRe: [Bf-committers] "Security" gets i...
FromSent OnAttachments
Daniel Salazar - 3Developer.comApr 27, 2010 6:00 pm 
Matt EbbApr 27, 2010 6:17 pm 
Benjamin TolputtApr 27, 2010 7:09 pm 
Benjamin TolputtApr 27, 2010 7:25 pm 
Matt EbbApr 27, 2010 7:33 pm 
Benjamin TolputtApr 27, 2010 7:57 pm 
Campbell BartonApr 28, 2010 1:04 am 
Daniel Salazar - 3Developer.comApr 28, 2010 1:14 am 
Remo PiniApr 28, 2010 1:34 am 
Benjamin TolputtApr 28, 2010 2:36 am 
horace grantApr 28, 2010 4:28 am 
Benjamin TolputtApr 28, 2010 7:06 am 
horace grantApr 28, 2010 7:57 am 
Remo PiniApr 28, 2010 8:32 am 
Nery ChucuyApr 28, 2010 8:42 am 
Raul Fernandez HernandezApr 28, 2010 8:59 am 
male...@licuadorastudio.comApr 28, 2010 9:31 am 
Bassam KurdaliApr 28, 2010 9:55 am 
Raul Fernandez HernandezApr 28, 2010 10:59 am 
Makslane RodriguesApr 28, 2010 1:52 pm 
horace grantApr 28, 2010 2:28 pm 
Matt EbbApr 28, 2010 2:34 pm 
Charles WardlawApr 28, 2010 2:59 pm 
Makslane RodriguesApr 28, 2010 3:15 pm 
Tom MApr 28, 2010 3:16 pm 
Ruslan MerkulovApr 28, 2010 4:33 pm 
Charles WardlawApr 28, 2010 5:09 pm 
joeApr 28, 2010 5:21 pm 
Benjamin TolputtApr 28, 2010 5:31 pm 
Ruslan MerkulovApr 28, 2010 5:40 pm 
Benjamin TolputtApr 28, 2010 6:45 pm 
Martin PoirierApr 28, 2010 8:02 pm 
amrp...@gmail.comApr 28, 2010 8:27 pm 
Charles WardlawApr 28, 2010 8:44 pm 
Benjamin TolputtApr 28, 2010 8:57 pm 
Martin PoirierApr 28, 2010 9:02 pm 
§ĥřïñïďĥï ŖäöApr 28, 2010 9:03 pm 
57 later messages
Subject:Re: [Bf-committers] "Security" gets in the way
From:Benjamin Tolputt (btol@internode.on.net)
Date:Apr 28, 2010 7:06:17 am
List:org.blender.bf-committers

horace grant wrote:

no need for lua. python is the much nicer language. :p there is pypy which supports sandboxing and which also gets cpython api compatible at the moment.

http://morepypy.blogspot.com/2010/04/using-cpython-extension-modules-with.html

in 2 years or so (once pypy is more mature and python 3 compatible) it should be no big problem to replace cpython with pypy. as another benefit pypy will be much faster than cpython due to its jit compiler.

Whether Python is or isn't a nicer language depends on your point of view, so I won't debate that.

However, the "sand-boxing" as presented in PyPy is very crude and will do nothing to fix the issues with Python in Blender. The major problem with Python in Blender is not that it can access files "in general" (as that is a REQUIREMENT of import / export scripts for example) but that I can access EVERYTHING Python can from every execution context. That is, I might only want Python to have access to other elements in the scene (say for a rig or controlling a particle simulation) but, so long as Python can access files (which, as I said, is *required*) everything executing Python code can.

In Lua, AngelScript, Falcon, TinyScheme, etc it is possible to only expose to the execution context that which you want it to have access to. If you don't want it to read/write files - don't give it the necessary modules/functions. This is not possible in Python (everything is accessible everywhere) and the sand-boxing in PyPy is an "all or nothing" affair. Either you can access the file system or you cannot. No way to only restrict access in only some scripts (say those included in the untrusted .blend file) and not others (those installed by the end-user in the .blender/scripts directory). Not to mention the performance issues with the method PyPy users (dual processes - with all "sand-boxed" data needing to be marshalled between the Blender/Python process and it's sand-boxed proxy).

Sorry, Python is designed in such a way as to make securing it an unlikely scenario.