[Date Prev][Date Next][Thread Prev][Thread Next]
- Subject: Re: Re: Sandbox implementation
- From: Frank Kastenholz <fkastenholz@...>
- Date: Mon, 27 Mar 2017 10:29:37 -0500 (CDT)
On 03/25/17, David F wrote:
> Hello, thanks for the insight
> As I said, preventing crashes or freezes are not my objective. While
> they suck, they don't do any major damage compared to a virus.
If the user is not a programmer, and they have downloaded/installed some Lua mod
to the game that then proceeds to make the game unplayable because the mod
sucks up all memory or uses all of the CPU (or, for that matter, the mod prevents the
machine from being used for the same reasons ... does that count as "mess peoples' PCs up"?
Also ... assume that the bad guys are as smart as you are, maybe smarter, and that they
have a lot of time to try and break through the protections you build. So you have to ask
"If someone was smarter than me and had more time than I do ... is there any possible path
through _this_ part of the system that they could break?"
> Host api is rather small but certainly a thing I'm keeping an eye on.
> I'll just disable the ffi. Is there anything else perhaps that could be
> vulnerable? If neccessary I will switch to PUC-Rio, but that free
> performance boost is certainly nice to have.
I am not familiar with game mods ... are they in the time-critical portion of things?
If not, don't worry about the performance. Also, until you measure things, you
won't know whether the Lua (LuaJIT or PUC-Rio) mods are problems or not.