To protect the contents of a Maya file? Typically protection would involve software, like Python source, but you mean to protect like a model or some animation? At that point, why wouldn’t you just hold onto the file, and not send it or make it publicly available? Maybe you have a particualr usecase in mind, because I can’t quite see it.
Also I would be most weary opening an .mb
from an untrusted source. That’s what .ma
is for, so you can inspect it for any script-related things. I’ve been bitten before and, as they saying goes, fool me once.
--
You received this message because you are subscribed to the Google Groups "Python Programming for Autodesk Maya" group.
To unsubscribe from this group and stop receiving emails from it, send an email to python_inside_m...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/python_inside_maya/a1c4949b-eead-412d-b10a-6750ab07ef85n%40googlegroups.com.
That is true, that does sound like a good idea. Assuming the software actually does what it says on the tin, it would at least protect against theft and accidental sharing.
It wouldn’t protect against sending files though, because if someone wanted to send some model or some rig, they could still just export it to a new .ma
? For that, you’d probably be better off intermingling it with custom nodes. Like how anything rigged with mGear is riddled with mGear nodes, making anyone attempting to open that rig without mGear loaded left with a sorely broken rig. And no amount of exporting or tampering with the scene file could fix it.
To view this discussion on the web visit https://groups.google.com/d/msgid/python_inside_maya/e91cc054-a7ce-42d0-8d69-920dfdaa9ffcn%40googlegroups.com.
That is true, that does sound like a good idea. Assuming the software actually does what it says on the tin, it would at least protect against theft and accidental sharing.
It wouldn’t protect against sending files though, because if someone wanted to send some model or some rig, they could still just export it to a new
.ma
? For that, you’d probably be better off intermingling it with custom nodes. Like how anything rigged with mGear is riddled with mGear nodes, making anyone attempting to open that rig without mGear loaded left with a sorely broken rig. And no amount of exporting or tampering with the scene file could fix it.
To view this discussion on the web visit https://groups.google.com/d/msgid/python_inside_maya/CAFRtmOCpAua2TmorENN9OOzG%3Deg5T-cxotu%3DW8OBTA%2B-RacWjQ%40mail.gmail.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/python_inside_maya/5eca697d-3760-42ec-af82-9663b5f963edn%40googlegroups.com.
The part of Maya that does the serialisation to ma and mb - be it via export or save - is a singular point of access. The scene callbacks should account for all ways in which creating those is possible, including via Python and MEL. It wouldn’t account for manual export to other formats, but there’s no end to that. Screenshotting your viewport is a format too, albeit a lossy one. But I’d argue that depending on what you want to protect, if that is rigs and animation, the Maya scene format should be enough.
And all of it must be done recursively on the whole data tree in scene
I’d argue not. The information you protect is the information in the scene file. If that scene file consists of an absolute path to e.g. c:\myassets\myrig.mb
then that is already protected; nobody can access that file but you on your local machine.
so at some point how to handle your RAM memory, because you can’t store this encrypted data somewhere…)
I’d argue not (again :)). Is it to protect against hacker-animators and hacker-riggers? Or against the general workforce that has no clue about callbacks and encryption? If the latter, then saving it into a temp directory first, and encrypting it after should suffice. To the user, the file would end up where they said it should. But really, it’s a different file altogether. Then that file is copied back into a temp directory and decrypted whenever they open it. All of that can happen on disk.
And besides, memory is just another location. A motivated-enough hacker-animator could access RAM as easily as any location on disk. Doesn’t increase the level of protection.
To view this discussion on the web visit https://groups.google.com/d/msgid/python_inside_maya/dbc66954-2d82-4c7f-b0d6-51e503f79942n%40googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/python_inside_maya/21a0260e-5f35-44c2-989d-4b249a37ee5cn%40googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/python_inside_maya/1e2111c8-2c29-41d8-9846-2750b670abb4n%40googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/python_inside_maya/CAPGFgA0%3D2C3G-PhFrEGmSEqe0vad0CynGd2KsMJ0x2AEofyChw%40mail.gmail.com.
About V crypt, I got in thouch with them and they sent me the system to test it in demo mode. It work pretty well, but as Justin anticipated and as the video showed, all clients are requiered to have the app.So maya is should be launched from V Crypt, and then you can open the encrypted files. Which is not ideal because you are enforcing everyone to purchast their system.So as an alternatively I tried to do something with addCheckCallback that Marcus mention:mSceneMsgOpenCheck = OpenMaya.MSceneMessage()def licenseCheckOnOpen(*args): # a function that reads your mac address and if it doesn't match the hardcoded one, it won't open.OpenMaya.MSceneMessage.addCheckCallback(mSceneMsgOpenCheck.kBeforeOpenCheck, licenseCheckOnOpen)but that was a total fail....it work is you execute that at the beginning of every maya session (for instance putting it in the userSetup.py), but then you just have to find this part of the code and remove it...ps: let me know if this last part is offtopic and I'll just shut up about it.
To view this discussion on the web visit https://groups.google.com/d/msgid/python_inside_maya/6fbec95e-db8d-4a13-bff7-ac8cd59392bfn%40googlegroups.com.
So I cam up with a evil idea that seems to work.. I create a script node that travels with the scene that will check your mac address out from a list of valid addresses (that would be the ones corresponding to the people working remotly on their personal computers).if the address doesn't match it wont open (it opens a new file for instance). So then, lets say that your address is valid. Now you would think that you can just delete the scriptNode and that's it, right? weeeeellll....I added a callback that triggers when you delete the scriptNode, that deletes everything .Of course we can just change that to something less evil, but maybe this might work? save a scriptnode will what ever callback are needed, and prevent this script node from bein delete?I don't know...I am starting to lose motivation...
To view this discussion on the web visit https://groups.google.com/d/msgid/python_inside_maya/a30ad929-e072-48b6-b933-d95032d67eb6n%40googlegroups.com.
it work is you execute that at the beginning of every maya session (for instance putting it in the userSetup.py), but then you just have to find this part of the code and remove it…
About MSceneMessage.addCheckCallback
, there are a few ways of installing it.
I’d argue each of these are equally insecure, in that anyone can (1) edit the userSetup.py, or associated environment variable that points to it, (2) unload the plug-in, forcefully or launch Maya without plug-ins and (3) find that hidden spot where you edit the new scene template.
userSetup.py can be made more secure by residing on PYTHONPATH rather than in the user’s home directory. That way, you provide your own Maya executable (e.g. a .bat file on Windows) whereby a userSetup of your choice is added to PYTHONPATH prior to launch.
:: maya.bat
set PYTHONPATH=\\server\pipeline\userSetup.py
start "c:\program files\autodesk\maya2020\bin\maya.exe"
That way, the user would be unable to launch Maya without also executing this userSetup.py. Especially if it is also what loads up relevant pipeline tooling such that if they were to try and launch it without this executable (which is read-only, on a network), they would be unable to even use Maya for their work.
And again, I think you have to define what you protecting against. Malicious hacker-animators, or the 99% case? Because no system can ever protect against every attack; not in Maya, not anywhere. If what it takes to defeat your system is to bypass a hidden userSetup.py then I’d argue you have already protected against the vast majority of cases.
To view this discussion on the web visit https://groups.google.com/d/msgid/python_inside_maya/CAPGFgA0XCBqhf3Q%2B7qrz4b3KxQ4gX2zpGBNZdHNoP9JaPCYQmw%40mail.gmail.com.