
Option to open Blend file with Python disabled
Closed, Archived | Public | PATCH

Description

After some conversation with campbell and ianwill, I took the time to code this patch.

This is a method to improve the safety of Blender files by giving the user the option to enable or disable Python for the file that is loaded.

The option is in the Load File window, by the "LOAD UI" option.
The default option is ON, so there is no backward/console incompatibility.

I'm creating a new global variable (G.fileflags G_FILE_NO_PYTHON) and checking it for pyNodes, pyDrivers, pyConstraint, Python Scripts, BGE scripts, Space Handlers, Script Links.

The files that still have an isolated G_DOSCRIPTLINKS are:

1) Scene.c, lines 822, 826 and 831
2) blender.c, line 392
(In the patch these lines have the comment: `// G.fileflags & G_FILE_NO_PYTHON`)


I kept the -y command line option disabling only SpaceHandler (this is the way it was). But now I'm using -Y to completely disable Python.


I don't know how to test pyConstraint properly (I never used them). If someone could test it better, that would be great.
I'm also attaching some demo files I was using to test the patch.

EDIT:
console -Y is not working, console -y disables Python for almost everything.

Event Timeline

I'm rewriting this patch, so you don't need to waste your time reviewing it yet :)

New Patch against the current trunk (16851).

The console is working now
Everything is working but ...

1) Once you disable the pyDriver, you need to enable it, click on the object driver, and then on pyDriver again (they are the same button).

I think the problem is my "python disabled message".

2) By design, and due to limitations, I'm using the same flag for user preferences and the Load GUI. And when we run in the console with -y, even if you press Ctrl+X, Python will be disabled by default (even if your default configuration is enabled)... of course it can be enabled through the GUI.
...let's consider this a safe mode :)

I'm attaching two more test files (Space Handler and script with menu). To test pyConstraint I used http://graphicall.org/bbb/chars/bird.blend.



I tested (a lot) and it is working and would be ready for integration.

With PyDrivers, I think the problem might be more with how their depsgraph recalcs are done. IIRC, we currently have a problem where they sometimes need to have one of their fields clicked on before they can correctly function.

+1

A lot of changes :)
I'm sending the file 06_oct.patch now.

The only thing I need to double check/test/reduce the number of calls for is the PyConstraint.

The patch is very complete though.
In the end I will better organize buttons_script.c.

But basically it is working very well.

#################
Known Issues:
- To optimize, I should toggle an internal pyDriver-related flag when I enable/disable it (instead of checking for my 2 flags).

- drawnode.c - I should redraw the node window when toggling PyNode.

- interface.c - ui_act_as_text_but() - comments in file

- BPY_interface.c - line 880 - I'm blocking menu (official) scripts but we don't have specific flags for them (this is not a setup from file, therefore I don't think we need flags).

- It would be nice to KILL scripts that are already running when you disable Python.

Well, now it looks OK to me.

I would like some feedback regarding pyConstraints.
This is the patch file - 07_oct_B

I'm also attaching the final files I used for testing - pyFILES.zip

And I also posted a Windows binary using this patch - http://www.graphicall.org/builds/builds/showbuild.php?action=show&id=830

Thanks to some feedback from BlenderArtists I finished the PyConstraint part.

file: 08_oct_pyconstraints.patch

Now the patch is 99% ready. Maybe a good time to think about the GUI? (buttons_script.c)

I'm uploading an example file showing the vulnerability in pyNodes.

You don't need to worry, it's opening this webpage and printing in the console only.
(If you don't trust it, use one of the NoPython binaries from Graphicall :p)

Well, for security reasons the testing file was removed. If you wanna test it on your system, send me an email - dfelintoATyahoo.com

Same comment as others - if it is relevant and a good patch, commit; otherwise please close :)

I'm closing this patch thread.

The main reasons being: (1) it's totally outdated, (2) Ton really didn't like the idea (back in 2008 @ bconf), (3) people are aware of Python insecurity, so this patch is not needed even as a reminder of this.

Dalai Felinto (dfelinto) changed the task status from Unknown Status to Unknown Status. Feb 1 2010, 8:31 PM