On Lua Scripting Limitations

Feedback on past, current, and future development.
User avatar
wazabear
Posts: 96
Joined: 13 May 2020, 19:31
Gitlab profile: https://gitlab.com/glassmancody.info

Re: On Lua Scripting Limitations

Post by wazabear »

AnyOldName3 wrote: 07 Apr 2021, 22:23 If we put a button in the launcher, users are aware when they're clicking it. If we add an API to do the same thing in-game, the user doesn't know when a script's calling it without asking them.
What about exposing a special file dialog widget to the system then? It would have the exact limitations and functionality as the thing in the launcher and would address this concern.
User avatar
AnyOldName3
Posts: 2666
Joined: 26 Nov 2015, 03:25

Re: On Lua Scripting Limitations

Post by AnyOldName3 »

I'd intended to add this as an edit, but you ninja'd me. There's the important thing that some platforms don't let apps write to arbitrary files. If, for example, the engine gets one big binary blob it can write things into, we'd have to implement a whole filesystem to let mods store stuff as files, but if they store it as Lua tables, we just serialise the Lua table, and then presumably if it's possible to have sharable stuff at all on those platforms, we should be allowed to generate a YAML file you can post to facebook or attach to an email from the serialised Lua table.
User avatar
wazabear
Posts: 96
Joined: 13 May 2020, 19:31
Gitlab profile: https://gitlab.com/glassmancody.info

Re: On Lua Scripting Limitations

Post by wazabear »

Well, it is just the general theme of things I suppose. Don't let modders shoot themselves in the foot or mess with things like filesystem because you don't trust them (whether malicious intent is intentional or not).

If you want mods to continue shipping with binary blobs, this is the road to it. I don't need to look far to point to the countless mods which do this, even those with a script extenders (usually they are written in C++ and have a high barrier for entry). It's because modders can't do what they want to do from in-game, either because they don't want to go through trouble of learning how to write the weird scripts for the extender, or the existing in-game modding tools aren't powerful enough.

I for one will be forced to ship my Lua mods with binary blobs (unfortunately), because it's becoming quite clear that what I want to do will not be tolerated and does not fit in with the current philosophy.

Edit: Last bit sound sounded a bit harsh, I just meant that I need to do "Task A", and the only way to do it is with filesystem access.
User avatar
AnyOldName3
Posts: 2666
Joined: 26 Nov 2015, 03:25

Re: On Lua Scripting Limitations

Post by AnyOldName3 »

You're making mountains out of drawings of molehills. You can share configs nicely with this setup. It's nicer than the setup that people have been living with for decades as you don't have the battle of XML vs twelve-different-flavours-of-INI vs JSON vs YAML vs TOML vs CSV vs completely made up text-based format vs completely made up binary format that people have been dealing with for years. It doesn't even stop the exported file actually living on the disk as a loose file on platforms that support that, just means there's a consistent interface for platforms that don't.
User avatar
wazabear
Posts: 96
Joined: 13 May 2020, 19:31
Gitlab profile: https://gitlab.com/glassmancody.info

Re: On Lua Scripting Limitations

Post by wazabear »

I think "nicely" is a bit subjective here, so I won't try and argue that part (I hold the opinion that in-game configuration is always superior to anything offline). The thing is you're outright barring people from doing this if they want this behavior.

It doesn't change the fact if you need something more complex then a config file (like the Fallout example you linked) you will need to publish your own tool with your mod (just like the author did). I think people can be 'trusted' with something as simple as a file browser widget. If you're really that concerned as a user, then cancel the widget whenever it pops up. I can take a guess, 99.9% of people don't care and 99.9% of mods will never snoop around your home folder and find your hidden stash of The Bachelor and sell the information to Google.
User avatar
Husaco
Posts: 44
Joined: 07 Aug 2011, 11:54
Location: Australia

Re: On Lua Scripting Limitations

Post by Husaco »

I don't want to needless further a rather fruitless discussion here, but I do want to make the point that the security risks associated with unrestricted file and network access are not a remote, academic question that can be blithely dismissed.

I'm not sure from the discussion whether the question is "sandboxing is dumb" or "the sandbox should accommodate some sort of network/file access", but if everyone agrees that in principle that these things need to be sandboxed, I don't see what more is to be said when newscript is nowhere near a final implementation.
User avatar
wazabear
Posts: 96
Joined: 13 May 2020, 19:31
Gitlab profile: https://gitlab.com/glassmancody.info

Re: On Lua Scripting Limitations

Post by wazabear »

I'll leave it at this, I could point to a million cases for the three you just listed. The fact you need to go to games like Garrys mod and GTA V are pretty clear indicators how rare this actually is (those are literally some of the most popular games in the world, run my billion dollar corporations). You're right though, this "discussion" is fruitless, too many things going on that are wishy-washy and I'm clearly outnumbered 8-). Best to put efforts into the actual implementation, from all of this the very least is that OpenMW will need some type of in-game mod configuration menu built in, so this will be where my interests and thoughts will lie.
User avatar
psi29a
Posts: 5355
Joined: 29 Sep 2011, 10:13
Location: Belgium
Gitlab profile: https://gitlab.com/psi29a/
Contact:

Re: On Lua Scripting Limitations

Post by psi29a »

CyperPunk 2077...
https://www.ubergizmo.com/2021/02/cyber ... ontrol-pc/

You know, if case you needed a modern example.

PSA - Cyberpunk 2077 currently has a security vulnerability if you're using mods or downloaded saved games!
https://www.reddit.com/r/cyberpunkgame/ ... _security/

Agreed though, let's get some foundations into OpenMW first and go from there and grow/expand our API as time goes on. I think OpenMW has a far greater capacity to work with modders than closed-source software. So if there is something modders need and we can implement it in a sane and safe way, we can do that.
User avatar
heilkitty
Posts: 158
Joined: 11 Aug 2011, 07:57
Location: Vivec City, MW
Contact:

Re: On Lua Scripting Limitations

Post by heilkitty »

What wazabear means is Morrowind is somewhat of a niche community, so potential malware creators would not be motivated to make OpenMW-lua malware mods. The fact, that there are still no malware mods for MWSE, even though it's basically asking for it, speaks in favor of this point of view.
I'm saying this, even though I'm all for sandboxing.
Image
Clement
Posts: 9
Joined: 03 Jul 2018, 10:41

Re: On Lua Scripting Limitations

Post by Clement »

A malware may not be intentional. For example, I could write a bash script that legitimately wants to delete a directory with the command "rm -Rf $HOME/$SOMEPATH", but if, because of some bug, $SOMEPATH is empty, I just deleted your home directory.

All modders are not scripting experts, they should not have more power than the ability to break my current save.
Post Reply