This patch doesn't change how drivers work; it only inspects Python's code object and its byte-codes, failing when any *unsupported* operations are used.
How it works
Restrict Name Access
First, all names are checked; they must be in our white-list, which includes...
- driver namespace (including math, mathutils.noise)
- driver variable names.
- our own whitelist of __builtins__.
This means you can't access import, open, exec and eval.
However, restricting names isn't enough, since you can do tricks like...
max.__class__.__class__.__subclasses__(max.__class__.__class__)[0].__new__.__globals__['__builtins__']['open']("/somefile")
Restrict Byte-Code Use
As well as restricting names, this patch checks byte-codes and disallows many operations, including import and attribute access.
This means you can write math expressions with variables, but not much more.
Tested with the glass-half file; all expressions pass the test.
What Works?
The following expression works:
sin(a) / cos(b) ** 2
This doesn't (no attribute access):
sin(a.b) / cos(b) ** 2
Neither does this (no access to getattr or import):
getattr(__import__("os"), "unlink")("/path")
The tricky part is ensuring that this really is secure. To test this more easily, I've made a project on GitHub [0] that implements this in Python, which is easier to test.
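The two checks described above (name white-list, then byte-code restriction) can be reproduced in plain Python with the `dis` module, so the behaviour on the three expressions in "What Works?" can be tried directly. The block below is an added example written for this page; it is neither the patch's code nor the linked GitHub project's. The allowed-name set (the `math` module plus a handful of builtins), the forbidden-opcode set, and the reference expressions used to build the opcode allow-list are all assumptions of this example, not Blender's real driver namespace. The opcode allow-list is harvested from known-good reference expressions so that it follows the running interpreter's opcode names instead of being hard-coded per Python version.

```python
import dis
import math
import types

# Assumed allow-list of names: stand-in for the driver namespace (math) plus a
# few builtins. Blender's real list is not reproduced here.
ALLOWED_NAMES = {n for n in dir(math) if not n.startswith("_")} | {
    "min", "max", "abs", "round", "int", "float", "bool",
}

# Opcodes a driver expression must never use, whatever the Python version calls
# the rest: import, attribute access, subscripting, function/class creation.
FORBIDDEN_OPCODES = {
    "IMPORT_NAME", "IMPORT_FROM", "IMPORT_STAR",
    "LOAD_ATTR", "STORE_ATTR", "DELETE_ATTR", "LOAD_METHOD",
    "BINARY_SUBSCR", "STORE_SUBSCR", "DELETE_SUBSCR",
    "MAKE_FUNCTION", "LOAD_BUILD_CLASS",
}

# Known-good reference expressions (constructed for this example). The opcodes
# they compile to become the allow-list, so anything outside "arithmetic,
# comparison, boolean logic and plain calls" is rejected.
_REFERENCE_EXPRESSIONS = (
    "sin(a) / cos(b) ** 2",
    "-a * 3 + b % 2 - (a // 2)",
    "max(a, b) if a > b else min(a, b)",
    "a < b <= 3 and not (a == b or b != 0)",
    "abs(round(a, 2))",
)


def _opcodes_of(code):
    """Set of opcode names used by a code object (cache entries are hidden)."""
    return {ins.opname for ins in dis.get_instructions(code)}


def _build_allowed_opcodes():
    allowed = set()
    for expr in _REFERENCE_EXPRESSIONS:
        allowed |= _opcodes_of(compile(expr, "<ref>", "eval"))
    # Sanity check: a reference expression must never pull in a forbidden opcode.
    assert not (allowed & FORBIDDEN_OPCODES)
    return allowed


ALLOWED_OPCODES = _build_allowed_opcodes()


def check_driver_expression(expression, variable_names):
    """Return (ok, reason).

    ok is True only when the expression compiles, contains no nested code
    object, every name is in the white-list (or is a driver variable), and
    every opcode is both not forbidden and present in the harvested allow-list.
    """
    try:
        code = compile(expression, "<driver>", "eval")
    except SyntaxError as exc:
        return False, f"syntax error: {exc.msg}"

    # A lambda carries its own code object with its own bytecode; refuse it
    # outright instead of recursing into it.
    if any(isinstance(c, types.CodeType) for c in code.co_consts):
        return False, "nested code object"

    # Step 1: name white-list (driver namespace + driver variables).
    allowed_names = ALLOWED_NAMES | set(variable_names)
    for name in code.co_names:
        if name not in allowed_names:
            return False, f"name not allowed: {name}"

    # Step 2: byte-code restriction.
    for opname in sorted(_opcodes_of(code)):
        if opname in FORBIDDEN_OPCODES or opname not in ALLOWED_OPCODES:
            return False, f"opcode not allowed: {opname}"
    return True, "ok"


if __name__ == "__main__":
    # The three expressions from "What Works?", with driver variables a and b.
    for expr in (
        'sin(a) / cos(b) ** 2',
        'sin(a.b) / cos(b) ** 2',
        'getattr(__import__("os"), "unlink")("/path")',
    ):
        print(f"{expr!r}: {check_driver_expression(expr, ['a', 'b'])}")
```

Note that `sin(a.b)` passes the name check (both `a` and `b` are driver variables, and the attribute name lands in `co_names` like any other name) and is only stopped by the byte-code check on `LOAD_ATTR`, which is exactly why the patch needs both layers. String constants are left unrestricted here: without a reachable name or attribute access there is nothing a literal like `"/path"` can be handed to.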