Re: A poll about digital trusting
Posted: Tue Jun 23, 2009 11:53 am
I don't want keep a insecured love until the final released.
I don't want waiting about rude to implement all the security features that I want, because I'm sure he has enougth thing to do about engine/graphics/physics/...
I think of course love (in C++) must provide some security features, like the sandbox. And it's already done, it's good.
Using a trust system is a good solution to never have a repetitive boring dialog box.
But the trust system is only usefull if the most of library authors use it and provide the digital signature.
I just want more control, to see what love do, and allow and deny what I want.
The real solution is probably both in C++and lua.
But you don't catch the case of :
- download a code
- loading it
You can load it by using loadstring, or by writing to a file and loading with require/package or with love.filesystem.* ... and maybe by other solutions.
In the final version is it really a good idea to disable the loadstring/require/package lua functions ?
each dangerous function as unfortunately often real usefull usage...
I think it's more complicated but better to have the choice.
Regards,
I don't want waiting about rude to implement all the security features that I want, because I'm sure he has enougth thing to do about engine/graphics/physics/...
I think of course love (in C++) must provide some security features, like the sandbox. And it's already done, it's good.
But I'm not running over Windows. I want something better than Windows firewallJamesGecko wrote:I don't want that; it's disruptive and most Windows firewalls already do it. The end result will be users clicking through two approval dialogs. This seems like a complicated solution for a problem that has already been solved.
Using a trust system is a good solution to never have a repetitive boring dialog box.
But the trust system is only usefull if the most of library authors use it and provide the digital signature.
I just want more control, to see what love do, and allow and deny what I want.
The real solution is probably both in C++and lua.
md5sum is simple way to trust (more easy, less powerfull).Zorbatron wrote:Require released games with custom libraries to provide the library source and a md5 hash.
But you don't catch the case of :
- download a code
- loading it
You can load it by using loadstring, or by writing to a file and loading with require/package or with love.filesystem.* ... and maybe by other solutions.
In the final version is it really a good idea to disable the loadstring/require/package lua functions ?
each dangerous function as unfortunately often real usefull usage...
I think it's more complicated but better to have the choice.
Regards,