Spring RTS Engine

It'd be dead easy to bundle a trojan into an AI dll, and probably doable from Lua in a mod, depending on how much filesystem and OS access Lua has. And that's before even thinking about buffer tricks.

Do ais have access to raw system calls? Not much of a 'virus' if it can't get out of the spring directory.

lurker wrote:Do ais have access to raw system calls? Not much of a 'virus' if it can't get out of the spring directory.

Umm, aren't they straight up DLLs? There's no sandbox on native code. Remember when people were implementing music players as an AI dll, simply because that was the only place you could load an arbitrary DLL in Spring?

You can't redirect any calls on dlls?

lurker wrote:You can't redirect any calls on dlls?

Never heard of it done. A quick googling showed that Google has a project called "Native Client" for untrusted native code, but that's the only one I've ever heard of.

AI's are 100% unsafe.

LUA is relatively sandboxed (though I'm pretty sure I've seen some loopholes / unfinished security checks here and there) but for example a LUA gadget/widget can not run shell commands or call into DLLs, AFAIK.

(Which an AI DLL can do, of course.)

It might be a good idea to block lua from writing anything with an executable extension.

Last I checked anything with the VFS could pull out directory listings of anywhere on the main filesystem including places like C:\Windows\

True, but you can't open any of those files.