Official Fulqrum Publishing forum > Fulqrum Publishing > IL-2 Sturmovik: Cliffs of Dover

Please Be Careful With Missions Files

#1 | 05-20-2011, 09:18 PM | fearlessfrog

Hi,

I'll post this here on the main forum, as it's not got much traction in the FMB sub-forum:

http://forum.1cpublishing.eu/showthread.php?t=22978

In summary, download mission files from people you have some knowledge about. The scripting of missions in CoD is powerful, but allows bad people to do bad things, i.e. a mission file has permissions to access your other non-CoD files etc.

In the world of sims the chance of anything bad happening is (I think) very, very small, but people need to at least have the info to make their own judgement.

I'm very much enjoying CoD, and hope to see it getting better and better over time, but this type of issue is a real security vulnerability and should be addressed, hopefully quickly.

Thanks.

Last edited by fearlessfrog; 05-22-2011 at 04:09 PM. Reason: Took out MP, left SP vulnerability

#2 | 05-22-2011, 10:01 AM | Longbone

I'm not a C# specialist; is there a chance to make scripts safe?

+1

Thanks for the advice

#3 | 05-22-2011, 10:44 AM | Langnasen (Guest)

Thanks Frog.

#4 | 05-22-2011, 10:51 AM | Ralith

They're not dangerous to clients in the first place; this is just alarmism by people who don't know what they're talking about. Scripts are executed on the server only, and even at their most malicious cannot have any direct effect on clients. Certainly a server admin should be careful about scripts he downloads, as should a regular user running scripted singleplayer missions, but there is NO danger to clients connecting to servers running scripted missions.

#5 | 05-22-2011, 11:24 AM | naz

Excuse me if I am misunderstanding Ralith, but are you agreeing that there is indeed potential for malicious single player missions? If so, I hardly think this is alarmist by fearlessfrog.

Many players of the original IL2 series (including myself) are/were offline players predominantly or solely. I downloaded and played a huge, and I mean huge, amount of missions and campaigns over the ten or so years of IL2. I've even downloaded and played user-made missions for CoD already.

If there is indeed a security vulnerability in the way missions (single offline or online) can be built and/or scripted, then it needs to be addressed sooner rather than later.

Again, if I have misunderstood, my apologies, but thanks for pointing it out Frog and I hope Luthier is or becomes aware of the potential issue.

#6 | 05-22-2011, 11:43 AM | ZaltysZ

SP missions are not sandboxed currently. This means that a mission script can get the same rights as the user you use to run the game. So, watch what you download.

MP mission scripts are executed on the server, so you should not be exposed to malicious code just by connecting to a server. However, there are classes which are responsible for briefing and UI elements scripted on the server but displayed on the client. Those could be used for malicious stuff, but so far it seems they aren't accessible from scripts (or I simply don't know the way).

#7 | 05-22-2011, 11:48 AM | Longbone

Quote:
Originally Posted by Ralith
They're not dangerous to clients in the first place; this is just alarmism by people who don't know what they're talking about. Scripts are executed on the server only, and even at their most malicious cannot have any direct effect on clients. Certainly a server admin should be careful about scripts he downloads, as should a regular user running scripted singleplayer missions, but there is NO danger to clients connecting to servers running scripted missions.

As for myself, I'm playing mostly offline.
That's why I'm asking, is there a way to check downloaded missions,
because I'm no C# expert. Could there be a signed system like they do in ARMA missions/addons?

Sorry for my bad English

#8 | 05-22-2011, 11:57 AM | MadTommy

Quote:
Originally Posted by ZaltysZ
SP missions are not sandboxed currently. This means that a mission script can get the same rights as the user you use to run the game. So, watch what you download.

MP mission scripts are executed on the server, so you should not be exposed to malicious code just by connecting to a server. However, there are classes which are responsible for briefing and UI elements scripted on the server but displayed on the client. Those could be used for malicious stuff, but so far it seems they aren't accessible from scripts (or I simply don't know the way).

Thanks ZaltysZ

Quote:
Originally Posted by fearlessfrog
Hi,

I'll post this here on the main forum, as it's not got much traction in the FMB sub-forum:

http://forum.1cpublishing.eu/showthread.php?t=22978

In summary, please only connect to CoD servers you trust and download mission files from people you have some knowledge about. The scripting of missions in CoD is powerful, but allows bad people to do bad things, i.e. a mission file has permissions to access your other non-CoD files etc.

In the world of sims the chance of anything bad happening is (I think) very, very small, but people need to at least have the info to make their own judgement.

I'm very much enjoying CoD, and hope to see it getting better and better over time, but this type of issue is a real security vulnerability and should be addressed, hopefully quickly.

Thanks.

fearlessfrog can you please edit your posts, as spreading false info is NOT helpful!

You state that connecting to servers is dangerous, which it is not. Downloading single player missions with scripts is another matter.

#9 | 05-22-2011, 02:14 PM | Longbone

OK, I know nothing is safe on the Internet, don't panic, and OK fearlessfrog, please edit your post.
But it must be said, for me it was very helpful. Thank you again!
The truth is that a lot of people play downloaded SP missions and that information is very helpful for them.
I think it could be an easy-to-use tool for bad people
because virus scanners don't recognize anything?

#10 | 05-22-2011, 04:00 PM | fearlessfrog

I'll be happy to edit the MP bit, and as I said (a few times) in the post, the scenario needs either verification or a comment from 1C. Just to be clear, has anyone run the test mission in the other thread to test for this conclusively yet? (I don't have the setup, I'm typing on an iPad)

As for accusations of FUD, the SP lack of sandboxing is proof to me that security was not considered at all. It will take one bad mission file (you expect people to read the C# before playing, yeah ok?) and it will come back and bite CoD and mission makers everywhere.

Ignoring it or flaming the messenger isn't a solution.
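
On the question raised in this thread of how someone who is not a C# expert could check a downloaded single-player mission: the following is an added example, not code from any poster or from the game. It is a Python triage pass over a mission's C# script text that flags references to file, network, process, registry, reflection and native-interop APIs; the pattern list, the `GameApi`/`MissionBase`/`ShowMessage` names and both sample scripts are constructed for illustration.

```python
import re

# .NET APIs a mission script rarely needs. This list is an assumption made
# for the example; it is not a rule published by the game or its developers.
RISKY = {
    "file system": r"\bSystem\.IO\b|\b(File|Directory|FileStream|StreamReader|StreamWriter)\b",
    "network": r"\bSystem\.Net\b|\b(WebClient|TcpClient|Socket|HttpWebRequest)\b",
    "process launch": r"\bSystem\.Diagnostics\b|\bProcess\s*\.\s*Start\b",
    "registry": r"\bMicrosoft\.Win32\b|\bRegistry(Key)?\b",
    "reflection": r"\bSystem\.Reflection\b|\bAssembly\s*\.\s*Load\w*|\bActivator\b",
    "native interop": r"\bDllImport\b|\bSystem\.Runtime\.InteropServices\b",
}

def scan_script(source):
    """Return (line_number, category, line_text) for every risky reference.

    Comments and string literals are scanned too: over-reporting is the safe
    direction for a triage tool.
    """
    findings = []
    for number, line in enumerate(source.splitlines(), 1):
        for category, pattern in RISKY.items():
            if re.search(pattern, line):
                findings.append((number, category, line.strip()))
    return findings

# Constructed samples. GameApi, MissionBase and ShowMessage are hypothetical
# stand-ins for whatever scripting API the game exposes.
BENIGN = """using System;
using GameApi;
public class Mission : MissionBase {
    public void OnStart() { ShowMessage("Take off!"); }
}
"""
SUSPECT = """using System;
using System.IO;
using GameApi;
public class Mission : MissionBase {
    public void OnStart() {
        bool found = File.Exists("placeholder.txt");
        System.Diagnostics.Process.Start("placeholder.exe");
    }
}
"""

if __name__ == "__main__":
    for name, text in (("benign", BENIGN), ("suspect", SUSPECT)):
        hits = scan_script(text)
        print(name, "->", len(hits), "risky reference(s)")
        for number, category, line in hits:
            print(f"  line {number}: {category}: {line}")
```

A hit means the script should be read by someone who knows C# before the mission is run. An empty result is not proof of safety, since pattern matching can be evaded; it narrows what to review and does not replace sandboxing on the game side.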
All times are GMT.