Something that could make this project very popular is to remove the ability for viruses to infect systems. This means stuff such as:
- Removing the Lua I/O functions and forcing programs to use the safer love.filesystem module.
- Preventing the ability to start external processes (so that it won't extract an executable and run it).
- Preventing "require" from being used and going back to the love.filesystem.require system to prevent the library from requiring files outside of the percieved safe paths (the game directory and the configuration directory).
Complete Lack of Viral Capability
Re: Complete Lack of Viral Capability
No need to write a custom require function.This point could be handled by enabling/disabling the right loaders in package.loaders. Basically, scrap the table when LÖVE starts (to ditch all file.io based loaders), and replace it with one containing these three loaders:Luiji wrote:...
- Preventing "require" from being used and going back to the love.filesystem.require system to prevent the library from requiring files outside of the percieved safe paths (the game directory and the configuration directory).
- The current PhysFS-based one written in C++, mostly for files in the user folder (unless the next one can be adapted for that too).
- I've posted a loader based on love.filesystem.load() that should work for pure lua files and modules/submodules inside the .love file. Edit, actually, I just noticed you were the one who had posted an answer in that topic... :p
These should cover all Lua files no matter where they are located.
- To be written: A PhysFS loader for binary modules.
- Robin
- The Omniscient
- Posts: 6506
- Joined: Fri Feb 20, 2009 4:29 pm
- Location: The Netherlands
- Contact:
Re: Complete Lack of Viral Capability
Sandboxing is an issue that has split the community before, but I'm in favour.
What, do you mean bytecode or compiled C code? Because the first should be doable already (but is not recommended), and the latter was going to be in 0.6.0 (in a slightly different form: C source code, compiled on the fly), but it was scrapped because it wasn't cross-platform enough.pygy wrote:- To be written: A PhysFS loader for binary modules.
Re: Complete Lack of Viral Capability
I meant compiled C code. I arrived here right after 0.6.0 was released. What was the plan? Embeding TCC?
- Robin
- The Omniscient
- Posts: 6506
- Joined: Fri Feb 20, 2009 4:29 pm
- Location: The Netherlands
- Contact:
Re: Complete Lack of Viral Capability
Yup. It was called love.native, but was removed again once they found out it didn't work with (IIRC) 64-bit and PPC.
- bartbes
- Sex machine
- Posts: 4946
- Joined: Fri Aug 29, 2008 10:35 am
- Location: The Netherlands
- Contact:
Re: Complete Lack of Viral Capability
This discussion again? In the end nobody wants to be in jail...
Re: Complete Lack of Viral Capability
@Jasoco: what was the problem? Linking?
@BartBes: what would it prevent in practice?
@BartBes: what would it prevent in practice?
- Jasoco
- Inner party member
- Posts: 3727
- Joined: Mon Jun 22, 2009 9:35 am
- Location: Pennsylvania, USA
- Contact:
Re: Complete Lack of Viral Capability
What are you referring to me for? I didn't post anything in here.pygy wrote:@Jasoco: what was the problem? Linking?
@BartBes: what would it prevent in practice?
But I don't care what you guys do as long as we keep the ability to just sandbox all our data in our own completely separate game-specific "data box". I don't care if we have filesystem access to outside folders or not. As long as we can still access stuff in the LOVE folder in the Library. Though if we can keep the ability to check files in other LÖVE game settings folders it would be good so we could make sequel games that will give you special things if you had beaten the first game or stuff like that.
Re: Complete Lack of Viral Capability
:-| ... I meant Robin, sorry... The night has been very short.
- bartbes
- Sex machine
- Posts: 4946
- Joined: Fri Aug 29, 2008 10:35 am
- Location: The Netherlands
- Contact:
Re: Complete Lack of Viral Capability
Yes, and why me, I mean I never said anything about preventing anything.
Who is online
Users browsing this forum: Bing [Bot] and 11 guests