3.2.7 I/O Restrictions
I/O Restrictions are a feature introduced in POV-Ray for Windows 3.5. The purpose of this feature is to attempt to
at least partially protect a machine running POV-Ray from having files read or written outside of a given set of
directories.
The need for this is related to the fact that the POV-Ray scene language has, over the years, become something more
akin to a scripting language combined with a scene-description model. It is now possible to write obsfucated POV-Ray
code, and to open, create, read and write arbitrary files anywhere on the target system's hard disk (subject to
operating system permission).
The basic idea of I/O Restrictions is to attempt to protect the user from a script that may have been downloaded
from an untrusted source, and which may attempt to create or modify files that it should not.
The I/O Restriction facility hooks the file open and creation functions in the core POV-Ray renderer code, and
allows the Windows version to allow or deny any particular file operation. Please note that this only affects file I/O
from the core POV-Ray code; that is, the code that implements the parser and renderer. It does not
affect which files the Windows interface can read and write. That is to say, it does not prevent you loading a file
into an editor, or saving a file from the editor, or any other feature implemented on the Windows interface that is
not part of the core POV-Ray feature set. (The 'core feature set' is those features of POV-Ray that are available on
all operating systems and computer platforms for which a version of POV is available).
We do not guarantee that the I/O Restriction facility will actually stop anything from happening. There is always
the chance that, like almost all software, it could have a bug in it that causes it to malfunction. Therefore, the
onus is on the person who chooses to load an INI or scene file into POV-Ray to ensure that it does not do anything
that it should not do. Please consider I/O Restrictions just a sometimes-helpful backup for manual checks.
Please read this section in full so that you understand the caveats and conditions of the facility (such as the
fact that some directories are allowed by default).
|