20,741
edits
Line 206: | Line 206: | ||
=== Security === | === Security === | ||
{{FGCquote | |||
|1= The security issue is that I expect FlightGear aircraft and scenery to be "content", i.e. safe to use even if I don't trust their authors with all my files, not "executables" (such as standalone-Python scripts), i.e. unrestricted so only to be installed from trusted sources. I agree it would be access as the FlightGear user and not as root, but that's already enough for the common home-user-targeted forms of malware. (And it might be remotely exploitable: last time I looked, Terrasync was un-authenticated, which is fine for a content-delivery channel but means it shouldn't be used for executables.) Inkscape, Gimp, etc only expose their scripting interface to plugins, not image files (i.e. the equivalent of giving FlightGear a Python interface but not allowing aircraft to use it, which I don't object to); Blender has an option to allow scripts in model files, but it is off by default (https://www.blender.org/manual/advanced/scripting/python/security.html). | |||
|2= {{cite web | |||
| url = http://sourceforge.net/p/flightgear/mailman/message/34789666/ | |||
| title = <nowiki>Re: [Flightgear-devel] A FGPythonSys implementation: The embedded | |||
Python interpreter as a FlightGear subsystem.</nowiki> | |||
| author = <nowiki>Rebecca N. Palmer</nowiki> | |||
| date = Jan 23rd, 2016 | |||
| added = Jan 23rd, 2016 | |||
| script_version = 0.23 | |||
}} | |||
}} | |||
{{FGCquote | {{FGCquote | ||
|1= I have toyed with the idea of embedding Python briefly in 2010. It can certainly be useful for a side project based on Flightgear, but James here has very good points and also Rebecca is right about security. Access to /home is a bad idea: it does not even have to be malicious, remeber the Steam bug which wiped the entire home directory a couple of years ago? | |1= I have toyed with the idea of embedding Python briefly in 2010. It can certainly be useful for a side project based on Flightgear, but James here has very good points and also Rebecca is right about security. Access to /home is a bad idea: it does not even have to be malicious, remeber the Steam bug which wiped the entire home directory a couple of years ago? |