diff options
| author | Campbell Barton <ideasman42@gmail.com> | 2018-06-17 20:51:05 +0300 |
|---|---|---|
| committer | Campbell Barton <ideasman42@gmail.com> | 2018-06-17 21:01:05 +0300 |
| commit | 2ceff8bd63252924a2ae06451af6080876ed0cb3 (patch) | |
| tree | fbfb8cfd5d3f36c7e33c6c352716b5c788f3326a /source/blender/editors/space_graph | |
| parent | a24b4e6090057479796e914bc603119b12f6ca06 (diff) | |
Python: Allow untrusted py-drivers to run limited expressions
Limit to a restricted set of built-ins, as well as the math module.
Also restrict of op-codes, disallowing imports and attribute access.
This allows most math expressions to run
without any performance cost once the initial check is done.
See: D1862 for details.
Diffstat (limited to 'source/blender/editors/space_graph')
| -rw-r--r-- | source/blender/editors/space_graph/graph_buttons.c | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/source/blender/editors/space_graph/graph_buttons.c b/source/blender/editors/space_graph/graph_buttons.c index d5586a51a40..cac379f3786 100644 --- a/source/blender/editors/space_graph/graph_buttons.c +++ b/source/blender/editors/space_graph/graph_buttons.c @@ -782,7 +782,7 @@ static void graph_panel_drivers(const bContext *C, Panel *pa) /* errors? */ if ((G.f & G_SCRIPT_AUTOEXEC) == 0) { - uiItemL(col, IFACE_("ERROR: Python auto-execution disabled"), ICON_CANCEL); + uiItemL(col, IFACE_("WARNING: Python expressions limited for security"), ICON_ERROR); } else if (driver->flag & DRIVER_FLAG_INVALID) { uiItemL(col, IFACE_("ERROR: Invalid Python expression"), ICON_CANCEL); |