Launch your Kerbal crew into orbit and beyond (while keeping them alive) to explore moons and planets in the Kerbol solar system, constructing bases and space stations to expand the reach of your expedition. You have access to an array of parts to assemble fully-functional spacecraft that flies (or doesn’t) based on realistic aerodynamic and orbital physics. (Links all over the place, because I realized I'm using too much jargon and abbreviations.) In Kerbal Space Program, take charge of the space program for the alien race known as the Kerbals. It requires a fairly senior person with background in scripting, so unless there is strong desire to have VPL in KSP2 in general, I would still go with JavaScript as a better option for Workshop. Win-win-win, but not just any software engineer is going to be able to set all of this up. Then even if you transpile the VPL into bytecode for evaluation on conventional VM for efficiency, so long as you only distribute the raw VPL with your Workshop entries and your transpiler does good error checking, then you can have all the performance of a good bytecode VM with security and ease of use of VPL. It's generally a lot easier to secure a node-based script, because all the relevant data can be required to be stored within a node. It's hard to do in general, but as discussed in logic gates thread, VPL is actually a good way to achieve it. From there on, it's just a matter of making sure your API doesn't provide any arbitrary file or network I/O and you're set. Finally, you can run your own VM that you make sure cannot be exploited. At work, we are using these to create Python bindings inside all of our C# tools, and while it's a bit of an effort to set up a custom attribute like this initially, thereafter, any API call you are using in parts code you want to be accessible from JavaScript would just take something like attribute and just work.
The only disadvantage here for a game like KSP2 is that you'll need to make sure your API has JS bindings, but C# actually makes that very easy with Attributes. JavaScriptCore used by all iOS devices or V8 used by Chromium and Android devices are good candidates, as they are well tested and open source. Letting modders run JavaScript is an excellent way to have them extend the game without creating giant security holes. Fortunately, the entire internet relies on existence of fast, reliable, and secure VMs - specifically, for JavaScript on web pages. Now, there are plenty of stories where VMs have been exploited to gain arbitrary code execution, so not just any VM will do. This is a lot of work, however, and I wouldn't even fully trust myself with something like this, so this would take a security expert hire to do this right. A better approach is to run the code in some sort of a VM. In that case, worst it can do is break something in the game. Even an executable is reasonably safe, because if you create a separate process with no kernel modules, and only provide your custom API, which is carefully designed to prevent malicious operations, then all the code can do is talk to your API and perform actions in the game. The general approach is to create a sandbox for imported code. Unfortunately, I haven't looked at either Cities Skyline or Truck Simulator mods, so I can't comment on these specifically, but there are safe (to within reasonable definition) ways to distribute code with UGC. A bad actor with burner Steam account and KSP2 key could hit thousands or tens of thousands of machines with malicious software, and that will make it worth it for somebody. With KSP2 reaching for wider audience and if there will be Workshop support, this all goes out the window. The reason this hasn't flared up yet is because KSP modding community is fairly niche and basically works on reputation. So downloading a stranger's KSP mod is a huge risk.
In fact, in a lot of ways even worse, because it's easier to sneak a DLL file past antivirus software, as it might not match any known signatures, and malicious behavior is easier to obfuscate if you can use engine API for parts of it. That can contain absolutely anything and is about as secure as running an executable you downloaded straight off the internet. The problem with KSP mods is that they are distributed with a compiled DLL plugin. Plus, at least in truck sim case, mods are just separate .scs files, probably acting like archive for everything inside. I suppose they don't interfere with game code and just work on top of it. I wonder how some mods for, let's say, cities skylines or truck simulator work then.