1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
|
diff -Npur blender-2.63.orig/build_files/scons/tools/btools.py blender-2.63/build_files/scons/tools/btools.py
--- blender-2.63.orig/build_files/scons/tools/btools.py 2012-05-08 00:05:06.963498491 +0200
+++ blender-2.63/build_files/scons/tools/btools.py 2012-05-08 00:06:42.238496807 +0200
@@ -96,7 +96,7 @@ def print_arguments(args, bc):
def validate_arguments(args, bc):
opts_list = [
- 'WITH_BF_PYTHON', 'WITH_BF_PYTHON_SAFETY', 'BF_PYTHON', 'BF_PYTHON_VERSION', 'BF_PYTHON_INC', 'BF_PYTHON_BINARY', 'BF_PYTHON_LIB', 'BF_PYTHON_LIBPATH', 'WITH_BF_STATICPYTHON', 'WITH_OSX_STATICPYTHON', 'BF_PYTHON_LIB_STATIC', 'BF_PYTHON_DLL', 'BF_PYTHON_ABI_FLAGS',
+ 'WITH_BF_PYTHON', 'WITH_BF_PYTHON_SAFETY', 'BF_PYTHON', 'BF_PYTHON_VERSION', 'BF_PYTHON_INC', 'BF_PYTHON_BINARY', 'BF_PYTHON_LIB', 'BF_PYTHON_LIBPATH', 'WITH_BF_STATICPYTHON', 'WITH_OSX_STATICPYTHON', 'BF_PYTHON_LIB_STATIC', 'BF_PYTHON_DLL', 'BF_PYTHON_ABI_FLAGS', 'WITH_PYTHON_SECURITY',
'WITH_BF_OPENAL', 'BF_OPENAL', 'BF_OPENAL_INC', 'BF_OPENAL_LIB', 'BF_OPENAL_LIBPATH', 'WITH_BF_STATICOPENAL', 'BF_OPENAL_LIB_STATIC',
'WITH_BF_SDL', 'BF_SDL', 'BF_SDL_INC', 'BF_SDL_LIB', 'BF_SDL_LIBPATH',
'WITH_BF_JACK', 'BF_JACK', 'BF_JACK_INC', 'BF_JACK_LIB', 'BF_JACK_LIBPATH',
@@ -261,6 +261,7 @@ def read_opts(env, cfg, args):
(BoolVariable('WITH_BF_STATICPYTHON', 'Staticly link to python', False)),
(BoolVariable('WITH_OSX_STATICPYTHON', 'Staticly link to python', True)),
('BF_PYTHON_ABI_FLAGS', 'Python ABI flags (suffix in library version: m, mu, etc)', ''),
+ (BoolVariable('WITH_PYTHON_SECURITY', 'Disables execution of scripts within blend files by default (recommend to leave off)', False)),
(BoolVariable('WITH_BF_FLUID', 'Build with Fluid simulation (Elbeem)', True)),
(BoolVariable('WITH_BF_DECIMATE', 'Build with decimate modifier', True)),
diff -Npur blender-2.63.orig/SConstruct blender-2.63/SConstruct
--- blender-2.63.orig/SConstruct 2012-05-08 00:05:06.933498492 +0200
+++ blender-2.63/SConstruct 2012-05-08 00:05:45.665497801 +0200
@@ -349,6 +349,10 @@ if 'blenderplayer' in B.targets:
if 'blendernogame' in B.targets:
env['WITH_BF_GAMEENGINE'] = False
+# build without python autoexec security?
+if env['WITH_PYTHON_SECURITY'] == True:
+ env.Append(CPPFLAGS=['-DWITH_PYTHON_SECURITY'])
+
# build without elbeem (fluidsim)?
if env['WITH_BF_FLUID'] == 1:
env['CPPFLAGS'].append('-DWITH_MOD_FLUID')
diff -Npur blender-2.63.orig/source/blender/blenkernel/intern/blender.c blender-2.63/source/blender/blenkernel/intern/blender.c
--- blender-2.63.orig/source/blender/blenkernel/intern/blender.c 2012-05-08 00:05:06.994498491 +0200
+++ blender-2.63/source/blender/blenkernel/intern/blender.c 2012-05-08 00:07:04.274496414 +0200
@@ -145,6 +145,7 @@ void initglobals(void)
G.f |= G_SCRIPT_AUTOEXEC;
#else
G.f &= ~G_SCRIPT_AUTOEXEC;
+ G.f |= G_SCRIPT_OVERRIDE_PREF; /* Disables turning G_SCRIPT_AUTOEXEC on from user prefs */
#endif
}
diff -Npur blender-2.63.orig/source/blender/makesrna/intern/rna_userdef.c blender-2.63/source/blender/makesrna/intern/rna_userdef.c
--- blender-2.63.orig/source/blender/makesrna/intern/rna_userdef.c 2012-05-08 00:05:07.002498491 +0200
+++ blender-2.63/source/blender/makesrna/intern/rna_userdef.c 2012-05-08 00:08:04.547495355 +0200
@@ -126,9 +126,17 @@ static void rna_userdef_show_manipulator
static void rna_userdef_script_autoexec_update(Main *UNUSED(bmain), Scene *UNUSED(scene), PointerRNA *ptr)
{
- UserDef *userdef = (UserDef*)ptr->data;
- if (userdef->flag & USER_SCRIPT_AUTOEXEC_DISABLE) G.f &= ~G_SCRIPT_AUTOEXEC;
- else G.f |= G_SCRIPT_AUTOEXEC;
+ if ((G.f & G_SCRIPT_OVERRIDE_PREF) == 0) {
+ /* Blender run with --enable-autoexec */
+ UserDef *userdef = (UserDef*)ptr->data;
+ if (userdef->flag & USER_SCRIPT_AUTOEXEC_DISABLE) G.f &= ~G_SCRIPT_AUTOEXEC;
+ else G.f |= G_SCRIPT_AUTOEXEC;
+ }
+}
+
+static int rna_userdef_script_autoexec_editable(Main *bmain, Scene *scene, PointerRNA *ptr) {
+ /* Disable "Auto Run Python Scripts" checkbox unless Blender run with --enable-autoexec */
+ return !(G.f & G_SCRIPT_OVERRIDE_PREF);
}
static void rna_userdef_mipmap_update(Main *bmain, Scene *scene, PointerRNA *ptr)
@@ -2994,6 +3002,8 @@ static void rna_def_userdef_system(Blend
"Allow any .blend file to run scripts automatically "
"(unsafe with blend files from an untrusted source)");
RNA_def_property_update(prop, 0, "rna_userdef_script_autoexec_update");
+ /* Disable "Auto Run Python Scripts" checkbox unless Blender run with --enable-autoexec */
+ RNA_def_property_editable_func(prop, "rna_userdef_script_autoexec_editable");
prop = RNA_def_property(srna, "use_tabs_as_spaces", PROP_BOOLEAN, PROP_NONE);
RNA_def_property_boolean_negative_sdna(prop, NULL, "flag", USER_TXT_TABSTOSPACES_DISABLE);
diff -Npur blender-2.63.orig/source/blender/windowmanager/intern/wm_files.c blender-2.63/source/blender/windowmanager/intern/wm_files.c
--- blender-2.63.orig/source/blender/windowmanager/intern/wm_files.c 2012-05-08 00:05:07.094498489 +0200
+++ blender-2.63/source/blender/windowmanager/intern/wm_files.c 2012-05-08 00:09:20.964493999 +0200
@@ -288,13 +288,18 @@ static void wm_init_userdef(bContext *C)
/* set the python auto-execute setting from user prefs */
/* enabled by default, unless explicitly enabled in the command line which overrides */
- if ((G.f & G_SCRIPT_OVERRIDE_PREF) == 0) {
+ if (! G.background && ((G.f & G_SCRIPT_OVERRIDE_PREF) == 0)) {
+ /* Blender run with --enable-autoexec */
if ((U.flag & USER_SCRIPT_AUTOEXEC_DISABLE) == 0) G.f |= G_SCRIPT_AUTOEXEC;
else G.f &= ~G_SCRIPT_AUTOEXEC;
}
/* update tempdir from user preferences */
BLI_init_temporary_dir(U.tempdir);
+
+ /* Workaround to fix default of "Auto Run Python Scripts" checkbox */
+ if ((G.f & G_SCRIPT_OVERRIDE_PREF) && !(G.f & G_SCRIPT_AUTOEXEC))
+ U.flag |= USER_SCRIPT_AUTOEXEC_DISABLE;
}
diff -Npur blender-2.63.orig/source/blender/windowmanager/intern/wm_operators.c blender-2.63/source/blender/windowmanager/intern/wm_operators.c
--- blender-2.63.orig/source/blender/windowmanager/intern/wm_operators.c 2012-05-08 00:05:07.093498489 +0200
+++ blender-2.63/source/blender/windowmanager/intern/wm_operators.c 2012-05-08 00:10:59.325492259 +0200
@@ -1627,12 +1627,13 @@ static int wm_open_mainfile_exec(bContex
G.fileflags &= ~G_FILE_NO_UI;
else
G.fileflags |= G_FILE_NO_UI;
-
- if (RNA_boolean_get(op->ptr, "use_scripts"))
+
+ /* Restrict "Trusted Source" mode to Blender in --enable-autoexec mode */
+ if(RNA_boolean_get(op->ptr, "use_scripts") && (!(G.f & G_SCRIPT_OVERRIDE_PREF)))
G.f |= G_SCRIPT_AUTOEXEC;
else
G.f &= ~G_SCRIPT_AUTOEXEC;
-
+
// XXX wm in context is not set correctly after WM_read_file -> crash
// do it before for now, but is this correct with multiple windows?
WM_event_add_notifier(C, NC_WINDOW, NULL);
@@ -1644,6 +1645,8 @@ static int wm_open_mainfile_exec(bContex
static void WM_OT_open_mainfile(wmOperatorType *ot)
{
+ PropertyRNA * use_scripts_checkbox = NULL;
+
ot->name = "Open Blender File";
ot->idname = "WM_OT_open_mainfile";
ot->description = "Open a Blender file";
@@ -1656,8 +1659,12 @@ static void WM_OT_open_mainfile(wmOperat
WM_FILESEL_FILEPATH, FILE_DEFAULTDISPLAY);
RNA_def_boolean(ot->srna, "load_ui", 1, "Load UI", "Load user interface setup in the .blend file");
- RNA_def_boolean(ot->srna, "use_scripts", 1, "Trusted Source",
+ use_scripts_checkbox = RNA_def_boolean(ot->srna, "use_scripts",
+ !!(G.f & G_SCRIPT_AUTOEXEC), "Trusted Source",
"Allow .blend file to execute scripts automatically, default available from system preferences");
+ /* Disable "Trusted Source" checkbox unless Blender run with --enable-autoexec */
+ if (use_scripts_checkbox && (G.f & G_SCRIPT_OVERRIDE_PREF))
+ RNA_def_property_clear_flag(use_scripts_checkbox, PROP_EDITABLE);
}
/* **************** link/append *************** */
diff -Npur blender-2.63.orig/source/creator/creator.c blender-2.63/source/creator/creator.c
--- blender-2.63.orig/source/creator/creator.c 2012-05-08 00:05:06.987498491 +0200
+++ blender-2.63/source/creator/creator.c 2012-05-08 00:11:37.213491621 +0200
@@ -342,14 +342,14 @@ static int end_arguments(int UNUSED(argc
static int enable_python(int UNUSED(argc), const char **UNUSED(argv), void *UNUSED(data))
{
G.f |= G_SCRIPT_AUTOEXEC;
- G.f |= G_SCRIPT_OVERRIDE_PREF;
+ G.f &= ~G_SCRIPT_OVERRIDE_PREF; /* Enables turning G_SCRIPT_AUTOEXEC off from user prefs */
return 0;
}
static int disable_python(int UNUSED(argc), const char **UNUSED(argv), void *UNUSED(data))
{
G.f &= ~G_SCRIPT_AUTOEXEC;
- G.f |= G_SCRIPT_OVERRIDE_PREF;
+ G.f |= G_SCRIPT_OVERRIDE_PREF; /* Disables turning G_SCRIPT_AUTOEXEC on from user prefs */
return 0;
}
|