This is a summary of an IRC chat of today (with Kaito and Aligorith)
When drivers are used, Python Scripting must be enabled. However it looks like most drivers can be created using a very limited set of Python (basic math operations come to mind). Because of this it may be possible and desirable to add a "minimal python interpreter" only for usage with Drivers.
@Joshua Leung (aligorith): Would you mind to add some comments about how such a "minimal python interpreter" could possiblky be implemented?
Some remarks collected from the IRC chat (just so that this information doesn't get lost):
- Basically it (the mini interpreter) would strictly white-list the types of stuff you can do with it - anything that gets too close to being able to be used for naughty stuff wouldn't be allowed.
- really, most of the drivers I've seen seem to use some combination of sin/cos and/or simple addition/mult/etc.
- ... we could play around with doing stuff like using the python ast's, and pruning out stuff we don't like when in "secure" mode
- Absolute secure doesn't exist, so we better just try to minimize risk or damage.
- The idea of a sandboxed 2nd py interpretor who only does blender py rna and basic math is great.
- You know, with such a mini-py we can also drop the gpl requirement and make .blends with embedded driver scripts etc 'free' again
- I don't think we need to code own interpreter
- I would check with the python.org team what the smallest compatible interpreter would look like and i would check with houdini, maya, lightwave and others who move to py what they do
- The traditional py devs work on servers, they see security quite different...
- What about adding a couple of python classes for the basic operations? those classes can be marked as "can be used in drivers without script enabled" or so ?