precompiling your shard to run on a remote host - repost

Out of respect for the RunUO dev team I won't repost my deleted post on how to achieve this.

I would however like the dev team to reconsider their stance on this subject.

My reasons for having a precompiled shard is simple, security. We are not all fortunate enough to have secure hosting.
How the argument of not sharing fits into this I still cannot grasp. If I make a totally custom shard with custom scripts and don't post any of them, assuming they are securely hosted, how does this encourage sharing of scripts any more than a secure compilation of my scripts? The author still has the choice to share.

The issue here is security not sharing.

[Phantom]

The issue is this won't happen.

Ryan has made his thoughts clear in the other post where somebody asked this.

If your host is not secure make it secure. Get a job and pay for professional hosting. Then you will have a secure hosting.

The RunUO team I don't think can make special request just because one person does not have the ability to find a secure host.

Also I just though of this. If you host is not secure thats not our fault. If you want pre-compiled script file, RIGHT THERE you are not sharing. You won't share I know the kind of people they want their shard of one a kind. Guess what RunUO Team likes originality however, they want people to share. Would you share all of what you do? I would guess NO, because your not even willing to share with your host.

If your host is not secure FIND SOMEWHERE ELSE. ITS NOT The RunUO Team's fault. I don't want you suggest, I am sure alot of people who actually share scripts don't want it.

Quote:

Originally Posted by Ryan

We understand your plight but will not do this.

This promotes people not sharing thier scripts, which is something we do not support

So everyone is clear. When I said something in Caps I was making a point. I was not yelling. I am still unclear why Rainman said I had to many commas. However, I deleted some, thought they were needed though.

...to many commas.

Their are secure methods through windows nt\2k\xp that make it so the software itself doesn't need to be extra secure for remoting.

nuff said.

It would be nice to get a response from the dev team on this instead of personal attacks from people such as l33tness itself, Phantom.

,,,,,,,,,,,,

Quote:

If your host is not secure make it secure. Get a job and pay for professional hosting. Then you will have a secure hosting.

,,,,,,,,,,,,,,,,,

You just don't get it do you Phantom? You are so stuck on your title that you forgot how to have a descent civilized discussion?

,,,,,,

Quote:

If your host is not secure FIND SOMEWHERE ELSE. ITS NOT The RunUO Team's fault. I don't want you suggest, I am sure alot of people who actually share scripts don't want it.

,,,,,

yup, you definately have no idea what I was trying to get across.

,,,,,,,,,,,,,,,,,

[code:1]Would you share all of what you do?[/code:1]
No I would not like to for specific reasons. Not for the sake of sharing but for revealing everything in a custom gaming world. What fun is it discovering when instead you can read the source on a public forum?

,,,,,,,,,,,,,,,,,

Please note that when I shared my code, it got deleted. I don't mind sharing m8 but I do prefer to have the choice of when, what and where I share to who.

nuff commas? If you could understand my first language it would have made it easier for but beeing derogatory shows nothing but your own ignorance.

This was a descent topic with good potential for debate, don't turn it into a pissing contest.

ps Phantom, by your title I assume you are supposed to be helpfull to the noobs on the forums. Stop acting like an illeterate fool and answer people's question with a little more detail than 'Do a search'. Being friendly and civilized will do a lot more for the RunUO community than OUTBURTS and short tempers.

[Zippy]

Okay here's a personal response from me....

First off, thanks for not reposting what you posted before. I deleted it because "we" (the Devs) do not want runuo to be decompiled in any way. If you know how to do it, fine, good luck and all that, but all posts about it will be deleted no questions asked. I'm not going to go into it any more, i think it's fairly obvious why we don't want people decompiling runuo....

As for RunUO loading precompiled DLLs......
The main reason I don't like this is simple. Since RunUO uses C# dlls as scripts, literally anything can be done from a dll. Wipe your whole harddrive install trojans, you name it. Allowing RunUO to use precompiled DLLs means inevitably someone will write a really kickass script, and ONLY offer it in compiled form. There's no telling what else this script could posses, from giving the scripter backdoor access to your shard all the way to compromizing your entire harddrive.

Everyone says its a "use at your own risk" type of deal, but I will feel horrible the first time someone looses a whole shard--or worse--from something like this.

If you can think of a way we can allow precompile dlls without loosing peace of mind, I'm all ears.

And I encourage you to keep talking about it, maybe you can convince Ryan, krrios, or myself, and we can convince each other :-)

The best argument for allowing this I have heard so far is simply the inconvience of the server taking 30 seconds to a minute to compile the scripts for server reboot. Being scared your admin is going to steal or modify your work is not a very good reason....

The whole idea is that even if security wasn't an issue, I hate the though of people distributing only DLLs because they want to keep the 'magic' to themselves. We are trying to build a community, we need everyone's participation.

Imagine if Ironfist had posted all of his work as DLLs rather than cs files. He has done some really great stuff, but it wouldn't be very useful to most of us if it was all precompiled.

I agree with you that compiled dll's should not be distributed. That was never my intention. As I see it, I would like this functionality for personal use on a 'it is my choice' to share or not basis.

Quote:

I discourage anyone to accept a compiled MyShard.dll from anyone they do not explicitly trust. With RunUO's scripting architecture any scripter has absolute control over your system which could be a huge security risk. The same is true for compiled or uncompiled scripts.

You mention the security risks involved as I did in my original post but you place so much focus on a compiled version of the scripts that you overlooked the fact that the same security risks exists in any uncompiled script. Many shard admins will not be scripters and won't be able to read each script and understand each script that will be written in the future. I'm convinced that 90% of the users on this forum that downloaded scripts, first ran them and then maybe had a look at the inner workings. Some of them propably had no idea what they were looking at and as long as there was no 'Format c:' string, all was OK
Any one of those scripts could potentially have had disasterous effects.

Yes there is a lot more risk in accepting a distributed dll than scripts, yet the same risks exist.

I have never seen RunUO make any of their users aware of the possible high security risk involved in normal uncompied scripts, yet it is used as an argument to strengthen your case agains precompiled scripts?

You seem to have the view that by compiling a secure dll it will somehow stop people from sharing their scripts. I am convinced that Ironfist would have shared his excellent work with everyone whether he had precompiling functionality or not. To share you have to actually post the code in an open forum such as this. He could just as easily have kept the scripts to himself, uncompiled and running on his secure server. Who knows there may be many people that have already written many scripts which we will never lay eyes on. precompiling or not they are already making a choice to share or to squirrel their code and you will never have control over that whether you want it that way or not.

The problem as I see it is this. It should be possible for a shard admin to precompile his scripts for his own use only. This is for security reasons and to ensure that his right to privacy of his work is ensured. The same as you would like to keep the source of RunUO secure and no posts published on how to modify it
I agree that distribution of compile scripts should not be possible though.
If there is a way to achieve these, precompile without distributing to others then you will make many people happy and this entire issue should be resolved.

Quote:

If you can think of a way we can allow precompile dlls without loosing peace of mind, I'm all ears.

How can you claim peace of mind now if the same security risks already exists in uncompiled scripts?
I wish I had the answers but I don't. Perhaps someone else in this community with more experience in access restrictions on the MS OSes could shed some light here.

The solution to this? I haven't got the foggiest. Defining the problem at least might give us a chance to find a solution.

[Phantom]

This guy is clearly only here to cause trouble. I don't consider myself elite, I have alot of things to learn. I am very nice to alot of people however, human nature allows people to just hit a button once in awhile.

If you think I was given this title for any reason other than I post alot then your sadly very mistaken. I didn't request anything. In fact I would rather have no title you wouldn't be able to use it against me. I suppose however, you would use my post count against me.

Don't you have anything better to do then point out my flaws? Be a part of this community for months and then you will understand why I stand behind the Dev Team so much. RunUO is the only thing that has made me have fun for 3+ years. Please don't speak badly of me. I am here to help this community and grow us a programmer from what I learn making scripts.

Assumption is the mother of all screwups. As you said sometimes you just push the wrong button.

Phantom your initial reply to my post was nothing but a personal attack on me. You have no idea who I am or what I do for a living. Find a job? No thanx m8, thats why people work for me and I pay the salaries.

TYPING IN CAPS is widely accepted as a method to indicate sreaming at someone. I would never condone such behavior from the people on my helpdesk. Bad day or not you deal with the stress of the job or quit. You guys are trying to build a descent community behavior such as that does no good for the building process.

Quote:

This guy is clearly only here to cause trouble

No this girl is not here to cause any problems. I raised an issue that I feel has not been given due consideration. You can see that as causing trouble or as contributing. Its your choice as to how you view it.

You propably had a bad day, no hard feelings.

[Phantom]

Your response to me also was a personal attack.

Yes my post was perhaps to personal and for that I am sorry. However, my views I hope were clear. If you do not have a secure host, then find a new host.

It might not be real world. But it should not be RunUO's job to work with people outside of how THEY want to do stuff. I cannot speak for anyone but me. But its clear to me that Zippy and Ryan made their feelings on this subject clear.

Just drop it. If you don't then your looking to cause trouble.

I am not going to waste anymore of my time on this subject.

Nothing Personal of course,

So you know I had a great day, even after your post I still having a good day.

Quote:

Originally Posted by Rainman

Their are secure methods through windows nt\2k\xp that make it so the software itself doesn't need to be extra secure for remoting.

Ziggy, you need to speak to Rainman about the security issues, seems he has the answers on that.

A solution to the problem could be closer than you thought

[Quinox]

I stand with the Devs on this matter, as well. Compiled DLLs are more of a security risk than a solution. It does not stop anyone from sealing your scripts. Anyone who has the DLL has the work, they just can't view or change it. This is a problem for two reason. One, our community is built on sharing eachother's work to better the project. Without the cooperation from everyone in the community, our efforts will be severly hindered. And two, as Zippy mentioned, no one knows what is in a compiled DLL. If they're allowed to be used, then sometime it WILL be abused by someone. And yes, it can be done in script, but 90% of the users can catch it and report it quickly. And if you're worried about the trust of a host, then don't you think they should be worried about your trust too? How do they know you're not sending them a trojan? Not having the ability to use compiled DLLs is an incovenience at best, and one not worth the potential of it being used as a means of attack. The threat of attack is far more important than the threat of shared scripts.

[Phantom]

Quote:

Originally Posted by Quinox

I stand with the Devs on this matter, as well. Compiled DLLs are more of a security risk than a solution. It does not stop anyone from sealing your scripts. Anyone who has the DLL has the work, they just can't view or change it. This is a problem for two reason. One, our community is built on sharing eachother's work to better the project. Without the cooperation from everyone in the community, our efforts will be severly hindered. And two, as Zippy mentioned, no one knows what is in a compiled DLL. If they're allowed to be used, then sometime it WILL be abused by someone. And yes, it can be done in script, but 90% of the users can catch it and report it quickly. And if you're worried about the trust of a host, then don't you think they should be worried about your trust too? How do they know you're not sending them a trojan? Not having the ability to use compiled DLLs is an incovenience at best, and one not worth the potential of it being used as a means of attack. The threat of attack is far more important than the threat of shared scripts.

I agree with Quinox 100% I could not have said it better. Infact I was not able too. This has already been put in the ground so many times its not funny.

[Static Loader]

The power and goodwill of RunUO is very good for one reason. They have a few members ONLY working on the core and when they do get requests like this, they either think "We thought about it to, lets do it," or "Sounds nice but no" response. Im sure your request for DLLS can be argued either way but im just telling you, dont plan on it becuase RunUO has a good way of just doing what they want and ignoring the requests ofthe peoeple (not all of course). You should just say, consider this but understand it will probally never happen unless you do it. Which brings another thing, if someone likes a idea, screipts it, it THEN is also considered for the release. As Zippy said, which i cant remember, but hey, lets put words in his mouth, he said that it could be a idea and it can be safe or not but he would need convincing of why to have it.

OF course I just lost what I was trying to say so ignore this all and have a good day. Lol, why do I always forget what im trying to say?

Oh ya, I think we should all leave this behind and keep waiting for new releases.

[Phlegyas]

Well, I suppose I'll put my 2 cents in.

I completely agree that all source code should be freely available. It not only helps newbies like myself, but it gives people peace of mind, in that they can look through the source for trojans, bugs, etc. Not that many folks actually do look through the source, but there are always those few that do....and those few would post any security issues publicly. As with most open source software, the recommendation is to download the source and compile it yourself (though many go straight for the executable either because of laziness or lack of experience). In this case I would actually recommend that the "executable" (scripts.dll) not be distributed at all and all distros should have source code only. (Not core, for obvious reasons)

However, I do think that being able to compile all of your scripts to a scripts.dll file and uploading just one file to your server would be a great advantage. Here's my example:

I have a windows machine that I'll be doing all of my development/testing on. I have a linux host with the bandwidth to support a shard. I will be coding and getting source code from various places (Dougan, great work man) and compiling on the dev box and testing. Once I get everything to a stable state, it would be nice to compile to one file and 'SHIP IT!'....er...upload it to the live server.

When the next dev phase goes on, I can change scripts, add scripts, remove scripts, etc. Then test again on the dev/test box. And before I upload it, I can make a backup of the scripts.dll file, and upload the new one. If anything goes wrong, I can replace the scripts file with the last known working version, and be on my way.

So, in my humble opinion, it would be nice to have a configurable option: CompileScripts=true/false. And my dev server would always run on true, and live server would run false. Meaning I would always compile ALL scripts before I upload to the live server.

Thanks,
Phlegyas

[Bahamut-Zero]

How about you host the shard yourself and get all scripts secured? Run on DNS, so nobody get can your ip and so on

Please dont just start this again.. If you cant get your scripts secured and you cant host it.. THEN DONT DO IT! So simple.. I can only say that people should not require stuff from the developers, which wont be done by them. Take a closer look.. You should realize it by yourself.. Otherwise you have to be a disabled, idiotic, slow fat coral fish

Best way to secure stuff, is the way Phantom suggested.. or host it by yourself.. :twisted:

[abaddon_knight]

*comes in with head down* don't want to get hit by someting being thrown!

As far as security goes........yes using uncompiled scripts can be unsafe. However, if you do not know what is in the script, and you can't understand it, it isn't RunUO's fault. However, if they did it with dll's so no one knew or could find out, then they would be at some fault. Or at least, not be able to sleep knowing they helped something pretty spread. At least the way it is now, it gives everyone the chance to see what is going to happen. If they need to learn more, then they can.

I can honestly say, I would not download anything for RunUO if it was only dll's.................bu that is just me.

(7 commas) LOL

[Phlegyas]

First of all, Bahmut, Ouch!

Secondly, I DO host my own dedicated server, and I AM in charge of security. You'll notice that my post never mentioned security in that way. The only security that I mentioned was about downloading 'bad' scripts. One more note on security, since we're here....when implementing a security plan, you must take ALL possible precautions. I run a firewall, hoping that nobody will get through, I also run IDS and a number of other things, just in case, but I still don't leave my users passwords sitting on the hard drive in a herearethepasswords.txt file.

I also never suggested sending compiled dll's out, in fact I recommended against it, instead requiring all users to compile their own scripts.

My post was more about convinience, and version control than security.

Also, I've only seen ONE post from a core developer in this thread, and he was very cordial and kind.

Quote:

If you can think of a way we can allow precompile dlls without loosing peace of mind, I'm all ears.

And I encourage you to keep talking about it, maybe you can convince Ryan, krrios, or myself, and we can convince each other

I was giving my ideas, so please, take it easy on those of us who may not agree with you.

Thanks,
Phlegyas

About the 'write a script and distribute it only on a dll' and 'it is against the script share environment achieved in runuo':

a) I don't think any serious shard will ever release its scripts to the public. I will run a shard and i won't release anything. And i doubt any other shard will. Of course, there are people that like to script and give it away, i myself do it and i plan to launch a runuo site, more like a scripters team. But a shard is unicque.

b) I doubt any serious shard will ever use a third-party distro instead of writing its own stuff. First of all, making it is the biggest part of the fun of making a shard. Secondly, if you use a pre-made dll, you won't be able to write anything else.

c) Again, I doubt anyone will start releasing backdoors & stuff on dll's, or even releasing safe pre-made shards.

pre-compiled dll's are:

a) Safe. Not all people can find a safe host. If you can afford it, good for you, some people can, some don't.

b) Easy. You can upload a build for your shard without having to upload 1200 scripts. Of course, you can join all your scripts in a single file, but it ruins exception trapping like in crash guard and runuo's own exception handling.

[Phantom]

Kiff

If I would be interested in joining the group :-) Ever since a bad experience with my own shard, I don't feel like doing a shard. I have more fun just doing scripts. However, I might work for shards now and again...

But you got my contact info so go ahead contact me :-)

ok, ill icq u...

I just can't see the pre-compiling as a way to distribute pre-made shards, that's it. I see it as way to make things safer.

Anyway, im working on it. ive managed to load the DLL through scripts, now ive got to hack the types into the ScriptCompiler.Assembly...

anyways, if someone can't tell if a DLL is safe will they tell if a script is safe or not? You may throw backdoors & stuff on scripts, not only on dlls...

[DarthICE1]

Quote:

Originally Posted by Kiff

a) Safe. Not all people can find a safe host. If you can afford it, good for you, some people can, some don't.

Thats another great thing about linux/unix hosts. There are plenty of professional linux hosts offering shell accounts at a fraction of the cost of windows servers.

For between 10 and 25 bux a month you can get a nice shell account on a fast linux server with a nice 100mbit connection located at a data center. That should give alot of RunUO admins the peace of mind of being able to start a shard on a professional, cost effective and secure server :P

Something for admins to at least consider when Mono catches up 8)

[Phantom]

They already are, well closer than before :-)

[Zippy]

I think some of you misunderstood what i ment about sharing scripts....

I realizing most public shard, especially big ones, will likely not share their scripts, and thats fine by me. I know there is some stuff I wouldn't share if I ran a shard, i want to be the ONLY place you can find it, i respect that.

But, I would rather the choice be this cut and dry, either you share your scripts so everyone can see how they work and do whatever you want with them, or you don't share them at all. Allowing compiled dlls gives a 3rd option, share the dll so people can use it as you have it (and no other way). I'd rather them not be shared than be shared in a DLL.

And yes, i'm aware an uncompiled script is just as dangeous as a compiled DLL, but anyone can look in an uncompiled cs file, and its not hard to see something obviously out of place. Not ever many scripts run threads, processes, open ports, or open files (let alone system files). If the person reading the script is unsure about it's security, they can always learn enough C# to find out, or ask someone else.

With a compiled DLL, these options aren't avaliable. There's no way for you to know whats really going on.

If an uncompiled script harms your machine, I consider it to be more your fault than mine. There's a whole community here, many of which know C#, along with 'the devs' who could easily be asked about potential script backdoors, if you don't want to ask them, thats your problem.
but if RunUO allows compiled DLLs, and you get harmed, I consider it my fault and not yours, although you should be more careful, other than just not using the dll,t heres nothing more you can do.


But for those who are wordering, the change required to allow precompiled DLLs is like 3 or so lines in the core. So it's not like it's hard to imnpliment, it's just a question of whether it's what we want.

[Quinox]

I don't like the idea of taking a script and compiling it into a DLL. There are too many security risks. Even if it is a script that is intended to be shared between the creator and the host explcusively, sooner or later the community is going to use this ability and will turn to sharing DLLs, and that is dangerous. It is too easy for someone to slip destructive code into a DLL and get away with it. And believe me, there are plenty enough people out there willing to do it. And there are also plenty enough people that don't know the dangers, until it happens. Once again, yes you can do it in script as well. But with all the programmers in the community, how long do you think a malicious script would stay in circulation when you can just read the code and spot it. Not long enough to do much damage. But what about a DLL? You can't read the code. And it is very easy to make a malicious script that you may never know is running. How long do you think that will stay in circulation? It could be a long time before someone get suspicious of it. Long enough to do lots of damage.

But then, switching point of views, there are also good reasons to allow precompiled DLLs. Omitting script security (because I only see insecurity from it), there are plenty of commercial DLLs out there that someone my find they need. For example, scripts for web applications, or SMS paging services, or other DLLs that let you tap into other applications, services, or resources. I do not promote precompiled server scripts in any way. I really don't see it solving anything, only causing risks. But commercial DLLs can give a user quite a bit more power over something.

What we need to ask ourselves is, is the risk of malicious scripts worth what DLLs can bring us. Keep in mind, it doesn't just affect you whether or not to we have this feature, but also those that are new and don't know the risks. Everyone needs to be protected. Some may think the threat is nothing, but it opens a seriously big oportunity for hackers and others that want to do malicious acts.

[Zippy]

Commercial DLLs like that can be loaded by your RunUO scripts and used.... These really have nothing to do with runuo allowing precompiled sript DLLs. These commercial DLLs are used differently, and would require that you write a script to use them (and as i said, your script can load and use these DLLs).