LWN.net Logo

Not logged in

Log in now

Create an account

Subscribe to LWN

Recent Features

LWN.net Weekly Edition for May 23, 2013

An "enum" for Python 3

An unexpected perf feature

LWN.net Weekly Edition for May 16, 2013

A look at the PyPy 2.0 release

Printable page
Weekly edition Kernel Security Distributions Contact Us Search
Archives Calendar Subscribe Write for LWN LWN.net FAQ Sponsors

Blender security vs. usability

Blender security vs. usability

Posted Jul 30, 2011 19:36 UTC (Sat) by ccurtis (guest, #49713)
Parent article: Blender security vs. usability

I wonder what would be a good model for a generic solution to this problem, which in reality affects pretty much any scriptable program.

Perhaps each piece of executable code should contain a common variable - say, SOURCEID - set to a UUID specific to a particular machine and security context (i.e. userid). Macro recorders would create this variable automatically, such as in the case of embedded code in spreadsheets.

Then, if the embedded SOURCEID matches the current SOURCEID the script runs without prompting. Otherwise, the software prompts you to run the script. ("This <data> contains foreign code. Run it? [No] [Yes] [Always]"). Selecting "Always" would change the file, replacing the original SOURCEID with your current SOURCEID, or you could simply edit the file manually if it's something like a plugin script.

This doesn't fix the Blender issue specifically unless you make the background process version assume [Yes]. It also doesn't address the issue that Linux has no machine UUID currently, unless you do something like use the one from the root filesystem. But there's certainly a hole in *nix security that assumes privilege separation stops at the user level.

(Log in to post comments)

Copyright © 2013, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds