More information on Python security - files are now 'untrusted' by default.
Ton Roosendaal writes:
Hi all,
Here's the notes of today's meeting in irc.freenode.net #blendercoders
1) Blender 2.68 projects
- Release planning overview updated.
- Brecht van Lommel did Multiview branch review. It progresses well, but has enough open issues to better schedule it after 2.68 release.
- We do switch to OpenEXR 2.0 for all release builds though. Campbell Barton or Sergey Sharybin will handle the update for Linux platform. For OS X and Windows this has been done last week.
- Jeffrey Hoover (Italic_ in irc) volunteered to install a build-slave, and provide daily Windows builds for MSVC 32/64 bits, and for MingW 64 bits build.
- Python security: Blender now defaults to load files "Untrusted". That can make some files not work when get them, especially for animation drivers. The UI will indicate this clearly though. This week, Campbell will add the option in User Preferences to mark directories to have untrusted files - if "trusted" is default - or the other way around. That will allow you to mark your browser's download directory unsafe, and the rest of your files can auto-run scripts as usual.
2) Other projects & GSoC
- GSoC starts officially tomorrow! People interested in seeing progress or reviewing work for students should join this mailing list.
Note: especially artists are invited to closely keep an eye on developers who work on their favourite tools!
Thanks,
-Ton-
6 Comments
Good luck, GSoC developers!
da same.... good luck and let me tell you that you guys work so fast, incredible.... thank you very much, and i was reading what you are thinking and that is brutal, a new blender will come out but i like da name of BGE, anyway is gr8 idea :)
can someone tell me what this "untrusted" thing means i read the article ,but have know idea what that means, or what it will affect. thanks in advance
Every time you go to the file picker to load a .blend file, you see two check boxes: “Load UI” and “Trusted Source”. The latter means that any scripts in the file marked for auto-execute will be run when you load it. Currently that box is checked by default, but in future it will not be.
GREAT JOB dev!!
CAUTION! genius at work.
Will Voronoi Explode Modifier include?
Marking directories as “safe” or “unsafe” is not perfect, but it’s probably the best compromise solution without confusing users even more...