Jump to content

C++ Mods - are they safe?


Guest razo

Recommended Posts

First a little quote from slashdot.

I've never been a fan of c++ add-ons. You can't build a newbie-friendly community when your mods are potentially unsafe. Unreal, for example, allows c++ add-ons but it's considered very poor form. The big MSU contest bans entries with native code. These days I don't see c++ as a pro. When I see that I think of it more as a "no scripting language" con. I'd hate to see mods begin to bundle in other software, for example. I'd just much rather keep things in a safe sandbox. I certainly don't have the time or desire to review source code before playing a mod.

As far as I've understood mods will be C/C++ only. What about buffer overflows? What about malicious mod makers? Wouldn't a sandbox, like suggested in the comment above, be a better idea?

Link to comment

I think the mta team are aware of these issues and in the new core (mta Blue" there will be prevention of these things happening but as the mta team say IT WILL BE ADDONS nothing else, not cheating, just addons therefore maybe the mta team will put a block on how big the file size can be.... im not sure but only time will tell ;)

Link to comment

Yes i still like my idea that i suggested of something like a message dialog popping up and asking you to download the specified "add on" or have the downloads integrated into the server list therefor meaning that wen u cvlik on a server to look at the options it will tell you what "add on" they are playing and giving you a download link ;)

Link to comment

I don't think either of you understand. This is beyond cheating and beyond MTA. Razo means that because the language used is C++, this will give people with malicious intent the ability to exploit client and server machines and gain command access. Simply put, he means that bad people will be able to hack into players' computers unless the system is sandboxed, or contained within an isolated virtual environment. Very good question :D

Link to comment

Err.. I think you're missing my point here. I was not talking about cheating, the size the of add-on or anything. I just don't like the idea of compiled binaries that the mod user hasn't got a clue of what does. For all you know, it could secretly send your passwords to a server in China - and you would never know. I'm not going to explain buffer overflows in detail here, but they are basicly bugs that may allow malicious people to run arbitrary code on your PC.

EDIT: You beat me to it b0b0. :)

Link to comment

We have discussed this as a team, and we're going to try to think up a method for ensuring addons are safe. As has been pointed out, an addon could theoretically do anything to your system, be it a half-life addon or a blue addon. I think the key will be that certain addons will appear that are considered the best - like CS on half-life, and these will be safe. Its only when you start downloading random addons that are new that you should worry about the safety of them.

eAi

Link to comment

First of all, if this is going to be a dll/so system, source code doesn't necessairily have to be released, so how would you want to check those?

Native code implies massive security risks, so if I were developing this I wouldn't let the responsibility at the end-user, who are, generally taken, not very aware of these risks.

And in this case it's not the lack of alternatives that should be the deciding edge. Not too long ago I did some research into scripting engines (and am currently working on my own), and as a very good alternative to native code there is the SeerC scripting engine, offering almost ANSI C scripting with possibilities very near (if not the same) as native code, yet in a somewhat protected environment.

Link to comment

Perhaps a better way to "pack" your assests (models, textures, etc) would be to write up a small app that contains all the necessary code for an addon, and all the end user has to do is compile the assets into the appropriate .dll/.so file wih the exe, and never touch the code itself.

This is both safer and more user friendly.

Link to comment

I'll clarify / elaborate a bit more...

When we refer to "addon", we're refering to a .dll file (or .so on linux servers). When we refer to "modification"/"mod" we're refering to the complete resources needed for the game-mode such as textures, sounds, sprites etc.

Addons will have to be coded in either C or C++. We will be providing support for a free IDE and compiler as well as Visual C++ 6, both will work as well as eachother. We will also be providing some useful 3rd party tools that we think you will find useful along with some sample source code. Although C or C++ knowledge is useful for writing the addon of your dreams, we expect that by reading through the existing code and fidiling around you should be able to get the hang of it easily. We will also hope to provide tutorials and other support for writing specific parts of addons and gamemodes

For common types of mods, map mods, vehicles, etc, you could use a standardized template, so that no code needs to be touched. The template would be stored in a small exe, perhaps a command line app, where with the template, you could "compile" the files required to build the mod against the exe, using the template, to build the necessary .dll file(s).

I'm not sure what else can be accomplished via your method of hand compiling the mods, but i think this would work for msot of the common types of mods.

Link to comment

using a template system can be rather limiting in what you allow a person to do with the addon....

also, we don't want to spend a hwole lot of time writing a scripting parser / engine because we think that our time is better spent giving you the options you need.

Point is... if a person wants to write a virus, there are more effective ways of doing it than through a game addon... C++ addons are viable in HL and UT... and this is no different, just trusting the person you are downloading from is important.

Kent

Link to comment

We've contemplated producing a scripting engine via an addon, or integrating lua or similar, but we don't really have the time, if we want to release blue any time within the next year ;) It'd be entirely possible for someone to integrate a scripting engine, but we believe that allowing C++ addons gives people a lot of power that can be well used (as well as badly used of course).

We will try our best to make everything as straightforward as possible to create an addon, and I'm sure some people will make tools that make it even easier, once we release the SDK.

eAi

Link to comment
but we don't really have the time

May I point you to the fact that there are quite a few good and fast ready-to-use scripting engines. Embedding those wouldn't take more (possibly even less) time than implementing dll support. The engines are well enough to give the scripter enough power to effectively create addons.

Besides that dll's aren't portable, so it's up to the mod maker to also compile it against linux, and not everybody may be able to do so (making the whole less portable).

Link to comment

As you don't know quite what addons will have access to, its hard for you to judge how easily they could be implemented. I have looked around at some scripting engines and none of them could be implemented easily enough for what we require.

eAi

Link to comment

maybe its an idea to use a service intregrated in SP2 for WinXP , the programmer (The MTA team in this example) , can use it to only give an other programm (an addon) acces to gta-vc.exe , and not other processes and folder. Or you could write some code that prevents acces to anything outsite the Grand Theft Auto Vice City folder :S Jsut suggestions...

Mr.Xanni

Link to comment

I don't see what the big deal is. You take exactly the same risk when you download a mod for, say Half-Life, or when you download anything executable for that matter (e.g. a utility from download.com).

It concerns me that a lot of your suggestions may limit unscrupulous users, yet they will also limit those with a legitimate use for a particular function.

Also, btw, a lot of virus scanners can detect "virus-like activity" and flag up a message to the user. I'm not sure how effective this is though.

Link to comment
  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...