kasran, fourier transfemme

more tech musing 

i wonder if it'd be possible to have some kinda permissions based embeddable runtime for stuff like games to include as part of their modding platforms. ideally you'd formally verify it in some meaningful way so that games using the runtime can know that untrusted code from arbitrary mods the player downloaded won't be able to do anything unscrupulous, like store huge data or connect to the internet, without their express consent

im sure there's problems with this idea tho lmao

1+
kasran, fourier transfemme
Follow

more tech musing 

like, in order to do it properly you'd have to also trust that untrusted mod code can't exploit the interface between the mod platform runtime and the rest of the game to do something unscrupulous, and ugh

but im not trying to build a secure kernel here, just tryin to offer a bit more peace of mind, i guess. but then why go to the trouble of formal verifidhwhcujdjejebfjsjuydhcnkr

· · 2 · 0 · 0
kasran, fourier transfemme

more tech musing 

i just think it'd be lovely if it could be easier to share small pieces of code in a trustable way

both among users and among applications themselves! i could imagine some scenarios where it might behoove an app to programmatically tell another app "hey run this on the data i'm gonna send you", an operation which is incredibly dangerous at present but would be useful if it could be made safer

idk. there's a reason i didn't go into software security haha

0
:puffin: gulfie :over18:

more tech musing 

@typhlosion you might be find Garry's Mod interesting, it has a Lua interface for custom content.

1
kasran, fourier transfemme

more tech musing 

@gulfie i mean, plenty of games have lua interfaces. the problem with lua, and really with any embedded runtime i know of, is that untrusted lua code run unchecked can potentially run arbitrary system commands and store arbitrarily large files and do all kinds of other nasty things if it's malicious

1+
Dex 🔞 - :dex:

more tech musing 

@typhlosion @gulfie yeah lua wouldn't be suitable for running on consoles for that reason

I think the Xbone version of Fallout 4/Skyrim SE does allow for some changes to be made within the game's scripting framework - most of the things you can do on PC without the Skyrim Script Extender/FO equivalent, I believe.
(The PS4 versions are more locked down, so mods there are more visual changes or stat adjustments)

0
:puffin: gulfie :over18:

more tech musing 

@typhlosion to be clear, when you join a Garry's mod server, about half the time you will get a bunch of custom Lua scripts that get downloaded and executed safely in some sort of sandbox.

0
Sign in to participate in the conversation
Awoo Space

Awoo.space is a Mastodon instance where members can rely on a team of moderators to help resolve conflict, and limits federation with other instances using a specific access list to minimize abuse.

While mature content is allowed here, we strongly believe in being able to choose to engage with content on your own terms, so please make sure to put mature and potentially sensitive content behind the CW feature with enough description that people know what it's about.

Before signing up, please read our community guidelines. While it's a very broad swath of topics it covers, please do your best! We believe that as long as you're putting forth genuine effort to limit harm you might cause – even if you haven't read the document – you'll be okay!

Resources

Developers

What is Mastodon?

awoo.space

  • v3.5.3+glitch

More…

v3.5.3+glitch · Privacy policy