Made a script which will log alittle render info and send off an email once a render is complete. As of now email username, pwd, smtp, etc. are hard coded but i would like to turn this into an Addon and make it public.
I have a concern, the ability for people to script something which will “steel” email usernames and passwords.
So… is it possible to write an addon or script which you can read preference info or class variables from a different script or addon ?
Figure worst case if it is possible (gut felling says it is), ill post the script with a warning and re-write some things to make it easy to make a quick edit to make custom variable names to make it more secure.
Thanks for any insight.
[EDIT] @stephen_leger Thank you for the fast responce.
I tested this and the code works fine (Blender 2.81)
Would the following be secure for a public script ?
import random
the_alphabet = 'abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ'
randomVarEmail = ''
for x in range(0, 5):
randomVarEmail = randomVarEmail + random.choice(the_alphabet)
print(randomVarEmail)
# You need to edit this to your own info...
randomVarEmail = {
'gmail_userName': '[email protected]',
'gmail_password': 'bla',
'smtp_addy': 'smtp.gmail.com',
'smtp_port': 587,
'mailTo': ['[email protected]', '[email protected]'],
'subject_pre': 'Blender Render: '
}
print(randomVarEmail['gmail_userName'])
I tested this and the code works fine (Blender 2.81)
Would the following be secure for a public script ?
import random
the_alphabet = 'abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ'
randomVarEmail = ''
for x in range(0, 5):
randomVarEmail = randomVarEmail + random.choice(the_alphabet)
print(randomVarEmail)
# You need to edit this to your own info...
randomVarEmail = {
'gmail_userName': '[email protected]',
'gmail_password': 'bla',
'smtp_addy': 'smtp.gmail.com',
'smtp_port': 587,
'mailTo': ['[email protected]', '[email protected]'],
'subject_pre': 'Blender Render: '
}
print(randomVarEmail['gmail_userName'])
nope,
from youraddonname import randomVarEmail
print(randomVarEmail)
Crypto won’t be of any help here too as whatever your code do, anyone may do the same to revert back.
So the only real way to make this a public script would be with a ‘warning’ and let people know they will have to do a ‘find and replace’ the variable name with one of their own choice ?
Have no idea and do not know enough about security (hence the thread) like this. Im not gonna post something knowing people could be at risk and for what this addon is, sorry to say, im not gonna look farther into it… Not like this is some special addon or ground breaking.
ignoring for a moment that if someone is desperate enough to get into your code they will find a way…
why not just write your secure stuff as an external executable and simply use python to launch it. that way the amateur hackerman can peruse your plain text python scripts as much as they like