How secure is Blender?

In terms of intended security holes in the code, data processing overflows and python scripting.
I am aware of:

  • reading blend files
  • importing files
  • addons
  • malicious intention by implementing security holes
  • python scripts
  • insecure libs

Does the BF checks for those kind of leakages and attacks before release?
If not what can we efficiently do to improve?

I believe it should be the most important question for Linux* users before using Blender.

  • Windows users and security? That’s strange.

You can check the FAQ:

https://wiki.blender.org/index.php/Dev:Doc/FAQ

How Does Blender Deal with Security?

Blender does not attempt to achieve the same level of security as many other applications (web browsers for example),

The ability to have blend files that execute bundled Python scripts does pose a security risk if you don’t know who created the file.

The Trusted Source option has been added to the file so you can load a blend file without running scripts as a precaution to simple attacks.
However this is no protection against more advanced exploits such as hand crafting a blend file which uses buffer overflows to run malicious code.
For more discussion on this topic:

Thanks. It looks like I have to run Blender on a separate machine.

Since the FAQ does not answer all questions, here are some more answers.

As far as I know, the review process is the only mechanism in place which prevents malicious code from entering the code base.

From time to time, they fix issues which are discovered by static analysis tools which are certainly a security risk:
https://developer.blender.org/T31069

You find some analysis results online:
https://scan.coverity.com/projects/blender

They regularly update to the most recent versions of the libraries. There are no additional checks in place as far as I know.

As far as I know, there are no special security checks in place before a release.

Use a static analysis tool for the source code and fix all security relevant issues. You certainly have to do the same for all the libraries and the code of your OS.
Keep in mind that the static analysis tools can only find some issues and also report false positives.

Whether users care about security is independent of the operating system. There are other factors that matter when choosing an operating system.

While you’re at it, get a seperate machine for every program you run that is anything that uses any kind of scripting. That includes bash.

Are you mixing something up here?
I don’t download a bash script or any other scripts from internet and run them blindly.
My whole trust besides Blender and Nvidia has been handed over to Ubuntu defaults.
All scripts I use on Ubuntu have some security standards (e.g. common PHP and Python libs).

I agree, that security is very important, but I think you might be a little too paranoid here. On the other hand, I don’t know the circumstances - maybe you work at the pentagon.

My assets are digital, if I lose them, there will be nothing valuable left.
I have just set up a cheap desktop for banking and shopping stuff only, all data on it is encrypted.

Instead of using a separate computer, I think sandboxing managers like snappy or flatpak can provide the security level you seek. If you are concerned only about you documents, you can just setup a chroot environment.

Thanks. That snappy thing looks interesting.

If you’re really worried, .blend files definitely are an attack surface. Most exploits in browsers are due to bugs in parsers written in unsafe languages (C/C++), but it’s also common for popular “offline” applications such as Adobe Reader to be targeted in this way. It’s likely that similar issues exist in Blender and many other less popular applications, but they aren’t necessarily actively exploited.

I believe it should be the most important question for Linux* users before using Blender.

  • Windows users and security? That’s strange.

Don’t fool yourself, by default Linux is just as vulnerable as any Windows or Mac OS X installation towards application exploits. In fact, if you stick to sandboxed Windows 10 store apps, you’re better off than on vanilla Linux (but those applications are more limited as well).

What really is protecting you is the amount of effort required to create and spread an exploit. Using an unpopular application like Blender on an unpopular operating system like Linux makes you an unlikely target.

My assets are digital, if I lose them, there will be nothing valuable left.

The solution here is reliable offsite backup, not protection against malware. It’s much more likely that your computer is stolen or goes up in flames than you becoming a victim of the first documented case of malicious .blend files.

Security is a strange thing, both Android and Apple have huge security problems; while they dont patch older system.
But its hard to find people who solely use landlines.
Also recently WPA2 was found to be hackable, but there is no massive ditching of ‘bogus’ wifi routers on Ebay.

I don’t see a need to be overly worried about Blender being used as a vector to spread viruses and malware, as I have never heard such an attack take place (at least one that is serious enough to get the attention of the BF).

There are many programs out there where you are far more likely to obtain viruses from (and some of them may actually be on your primary machine).

Unless you, in particular, are astoundingly interesting to hackers it is incredibly unlikely that anyone is going to either write an ostensibly useful script (which, remember, is plain text python) and attempt to hide malicious code in it, then convince you to both download and run the script inside of Blender, or (even less likely) somehow get approved malicious code into Blender proper. Artists just aren’t very interesting cybersecurity-wise (sorry guys), and the install base of Blender is small enough, and its potential attack vectors obscure enough, that worrying about this is really very paranoid. If someone wanted to get into your system, there are much easier and more lucrative avenues.

All that said, I sincerely doubt that anyone wants your (or any other average person’s) information, and definitely not your Blender assets.

By assets I meant money.
I only own digital money, I don’t use paper money.

This is not overly worried, because it’s so easy today to attack a system and the world is far from being perfect.

Wouldnt it be smarter to store your bitcoin savings in paper wallets than on a computer conneceted to the internet?

You must have some form of currency that isn’t crypto coins, how else are you able to pay for things ranging from food to utility bills (including internet)?

Unless you have someone else taking care of the stuff that requires paper money?

Bank account with credit card and Paypal. I pay for everything with them.

It is safe.

Nope, as you can see the answers above.

PayPal is the only thing I would not worry about.
Just imagine your house, your car, every Cent of your money, your passwords & keys are all stored on the hard drive. That is my case.